Analysis
max time kernel: 120s
max time network: 122s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09/09/2024, 13:39
Behavioral task: behavioral1
Sample: d66d7e3a7d694810e9615e71c27c1b94_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d66d7e3a7d694810e9615e71c27c1b94_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: d66d7e3a7d694810e9615e71c27c1b94_JaffaCakes118.pdf
Size: 48KB
MD5: d66d7e3a7d694810e9615e71c27c1b94
SHA1: 681423e4c1876722bd2897b8e2ff7657af214095
SHA256: 515b41f3a86a4c1d71a9f27763df3375261fae52b5425705122baaa86e987a13
SHA512: 0ed0b9d1e77e9bfac644f8d831ada8648e964a71bc9b72d810c3acd7d3961b188ba6c315f76879b9f88059f77272c0b7afd6ea33ce650962e5076f304474d3fd
SSDEEP: 768:hgGzpDmURxfMK9OZae0/PudaEf4aKbkI/8AQQ/I8UwbOcJxoASSxll0YqwO25FOs:SGF6cMKHXur140ZeSSxll0RS5cOcS
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2648 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2648 | Process: AcroRd32.exe (3 occurrences)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d66d7e3a7d694810e9615e71c27c1b94_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2648
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: b2c53a0b7075d47e1cd5116e0697f3ca
SHA1: 6ac70d098ce20a59878d2f58090b4ceb25c3a8d1
SHA256: 8c19ff6a8f752afb016e78c477536133eadd5425476bf42f3b213668905b4537
SHA512: fa0e697f816ad897457d2be1a6c98aab083a5ce9aac6f399c1f04916a22c7d090ecaa056e6838b68cf78b1d7e8fed61e5b41d8bdf4d5c0849c2ea87f8728863d