Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09-09-2024 20:44
Behavioral task behavioral1: sample d7103cd7336a985a0eec880fd3e1f276_JaffaCakes118.pdf, resource win7-20240903-en
Behavioral task behavioral2: sample d7103cd7336a985a0eec880fd3e1f276_JaffaCakes118.pdf, resource win10v2004-20240802-en
General
Target: d7103cd7336a985a0eec880fd3e1f276_JaffaCakes118.pdf
Size: 107KB
MD5: d7103cd7336a985a0eec880fd3e1f276
SHA1: 542ac85e11d2b43469eaa5ccbc04989e6db1ec08
SHA256: 41a0fdd500ece3acae2f7a1b71370390a335ff7d36351132d99442a50c0724bc
SHA512: e736193b357290053216bb013a8eefa19156847286f59fbe934cb4750024445a31fa03cf60da680798b78a7f736858d8131046ca438f0bd822e9675e91e90146
SSDEEP: 3072:pkiDwXMlAHEK+TSuoiid0VEqXL0HBFd3uIumz3qyLExFL:6r5E3nEqbqFd3u9mTDg
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid: 1388 | process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 1388 | process: AcroRd32.exe (three calls, all from the same process)
All three signatures are attributed to the Adobe Reader process itself (PID 1388), the process the sandbox launched to open the sample, and no child process or network activity appears in this task; on their own they are low-severity indicators, not evidence of successful exploitation.
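How a sandbox derives signatures like the three above from a raw API trace, as an added example (this is not the sandbox's own rule code and not part of the report): the trace below is constructed to mirror this task's IoCs, the set of matched API names and the GetForegroundWindow spam threshold are assumptions, and the key-path pattern is generalised to any ControlSet number and to CurrentControlSet.

```python
"""Re-derive the three behavioural signatures from an API trace.

Added example, not part of the sandbox report. EVENTS is a constructed,
simplified trace in the shape a sandbox might emit (pid, image, API, args);
the threshold for 'GetForegroundWindowSpam' and the API name sets are
assumptions, not the sandbox's real values.
"""
import re
from collections import Counter

# Constructed sample trace: one NLS key open, three hook installs and a burst
# of GetForegroundWindow calls from the reader (pid 1388), plus a benign
# process (pid 2000) that should trip nothing.
EVENTS = (
    [{"pid": 1388, "image": "AcroRd32.exe", "api": "NtOpenKey",
      "args": {"key": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"}}]
    + [{"pid": 1388, "image": "AcroRd32.exe", "api": "SetWindowsHookExW",
        "args": {"hook_id": 4}} for _ in range(3)]
    + [{"pid": 1388, "image": "AcroRd32.exe", "api": "GetForegroundWindow",
        "args": {}} for _ in range(120)]
    + [{"pid": 2000, "image": "explorer.exe", "api": "NtOpenKey",
        "args": {"key": r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"}}]
    + [{"pid": 2000, "image": "explorer.exe", "api": "GetForegroundWindow",
        "args": {}} for _ in range(5)]
)

# Any ControlSetNNN or CurrentControlSet hive path ending in the NLS\Language key.
NLS_LANGUAGE_KEY = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(ControlSet\d{3}|CurrentControlSet)\\Control\\NLS\\Language$",
    re.IGNORECASE,
)
KEY_OPEN_APIS = {"NtOpenKey", "NtOpenKeyEx", "RegOpenKeyExA", "RegOpenKeyExW"}  # assumed
HOOK_APIS = {"SetWindowsHookExA", "SetWindowsHookExW"}

# Assumed threshold: the real sandbox's cut-off for "spam" is not on the page.
FOREGROUND_SPAM_THRESHOLD = 100


def system_language_discovery(events):
    """T1614.001: return one IoC per open of the NLS\\Language key."""
    return [
        {"description": "Key opened", "ioc": e["args"]["key"],
         "process": e["image"], "pid": e["pid"]}
        for e in events
        if e["api"] in KEY_OPEN_APIS and NLS_LANGUAGE_KEY.match(e["args"].get("key", ""))
    ]


def foreground_window_spam(events, threshold=FOREGROUND_SPAM_THRESHOLD):
    """Flag each process calling GetForegroundWindow more than `threshold` times."""
    counts = Counter((e["pid"], e["image"]) for e in events
                     if e["api"] == "GetForegroundWindow")
    return [
        {"pid": pid, "process": image, "calls": n}
        for (pid, image), n in counts.items()
        if n > threshold
    ]


def set_windows_hook_ex(events):
    """One IoC per SetWindowsHookEx call, as the report lists them (pid/process repeated per call)."""
    return [
        {"pid": e["pid"], "process": e["image"], "hook_id": e["args"].get("hook_id")}
        for e in events
        if e["api"] in HOOK_APIS
    ]


def run_signatures(events):
    """Return {signature name: [IoC, ...]} for the three signatures in the report."""
    return {
        "System Location Discovery: System Language Discovery": system_language_discovery(events),
        "Suspicious behavior: GetForegroundWindowSpam": foreground_window_spam(events),
        "Suspicious use of SetWindowsHookEx": set_windows_hook_ex(events),
    }


if __name__ == "__main__":
    for name, iocs in run_signatures(EVENTS).items():
        print(f"{name}: {len(iocs)} IoC(s)")
        for ioc in iocs:
            print("   ", ioc)
```

Run stand-alone, this reproduces the report's counts (1, 1 and 3 IoCs, all on pid 1388) while the benign explorer.exe events match nothing; the separate benign process is what makes the threshold and key-path matching meaningful rather than a restatement of the report.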
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (PID 1388)
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d7103cd7336a985a0eec880fd3e1f276_JaffaCakes118.pdf"
  Signatures: System Location Discovery: System Language Discovery; Suspicious behavior: GetForegroundWindowSpam; Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 310375de8b896caa3a8433df19b41ad9
  SHA1: e47271d0d715b064bbb5619508c9080cb1217269
  SHA256: c6b4d4d2e3941ab7165db62aceee7bdae65673370565d68d9465f51e8b9cc8fb
  SHA512: 128046761737e076d89e1ddd0457d9682da2e722acc1dab1145468a30953800f1b4060259ce1f1016dd3f227d89fc3c34462ee831bb06c4b1b86ebc07f8d46ba