Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
11-09-2024 09:29
General
-
Target
da0f13c63667b0ee2d4ad396e96c5be7_JaffaCakes118.pdf
-
Size
38KB
-
MD5
da0f13c63667b0ee2d4ad396e96c5be7
-
SHA1
06321449c42aa13288715d3029f14f208afddfea
-
SHA256
093b56bf00562f6d5626f862c53be2525e549d75757671e9651fce468ecc3349
-
SHA512
be7ffe8b0a31b24c8c84891cb77581e73ac8251815b553edb6adfa9e682f2d590b6953122d4e572feb3841ab66dd5c4ee8dfbcdd300c63829ef83e92872df11b
-
SSDEEP
768:gR5Gl6XV7D0eifAH7xMkqWdNg0LnnKzIb3oy3MmB6mb4q2T92jETFH1KAJ+hNJDq:g/7p3oL
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\da0f13c63667b0ee2d4ad396e96c5be7_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5a4cf88ba7323f8bdff4ebe394a6b28a6
SHA190c32ab9e80bef242d983f0e0a12318ffc744b85
SHA2562c6ce289494cdf3cf60adf1bc226f34e380d70bf84f0211ecff74ee7e7951ae9
SHA51200942a1bc15ec47fe0a8216ce78d610bb29e2b8dc8d804da6aefe96a9e38ce6152f1c460644f0a11c47af9898a6f9c6bced17faaab9df7af96a7825de3a1d5e0