Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
09-09-2024 09:10
General
-
Target
d6033d5a2b64c228249b39c34314957f_JaffaCakes118.pdf
-
Size
46KB
-
MD5
d6033d5a2b64c228249b39c34314957f
-
SHA1
f3a5002bc0e045f2d97f9e73611d93ed6bcbc69f
-
SHA256
f12b99d1afaae5ca2c3e56e1164bc2f4f050d9e1e13b3601a933002e59891dbe
-
SHA512
b33da9845fc282ad90e1850dadd78db0d3648d8a203c53e772300d07453e969e81d81cd498e2953d7c49e30d635ff3b4da9e1f588dabfbaca661eb9531e3e947
-
SSDEEP
768:dXuMZmwgCLWar08V8y0AW9fsv9PxfPvp6C9i7q9xGPsHiSj1kAy30L4qhZc/5:dXFZmGWSFV8yMfG9P9Pvp6C9i7q9xGPx
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d6033d5a2b64c228249b39c34314957f_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD502c5b80be7961863478d2827b3671b00
SHA18f9064ba26862ca308d748a80e8a7928b30220ce
SHA256c13da2dcf4ed74ca577a8fcba1d49fe2d6a72fa71cc897f70d5a98d86cefaa24
SHA5124834731b3ef774a825e157c861fc6a8bc398e64c3446f019146327904b7f19e84f5efc84c5208232ab0627c16c9305cc1c43406cd6542fb592e4fd3b19eb79e5