Analysis
max time kernel: 117s
max time network: 117s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 11-09-2024 15:33
Behavioral task: behavioral1
Sample: daa9a2a7791ec5eb058800636fa95a81_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: daa9a2a7791ec5eb058800636fa95a81_JaffaCakes118.pdf
Resource: win10v2004-20240910-en
General
Target: daa9a2a7791ec5eb058800636fa95a81_JaffaCakes118.pdf
Size: 31KB
MD5: daa9a2a7791ec5eb058800636fa95a81
SHA1: 1aafe8bb57e3d09cfeaf8eef7e9fa82f06ebea72
SHA256: 3a477c20fcbed78546bf99aea21b738128dcc15c08113ac18af417b4c31f335c
SHA512: d4cf189f52283f3fda8ea3b979ce60a8268e22f0a180c5e6263a29385c3e5d44286bd1db067b85329b0924628a17b611b8bee8a2d10df43d1c4c538ff9dd8416
SSDEEP: 768:XXuMZmwgCLWarAMzkwwiQoXXdsehrIYHnUYI:XXFZmGWSA6T2qrIEnUt
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempts to gather information about the system language of the victim host in order to infer its geographical location.
  Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID: 2092 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID: 2092 | Process: AcroRd32.exe (x3)
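All three signatures above fire in AcroRd32.exe itself, the host application that opened the sample; Reader reads the NLS\Language key for its own localisation, so a single language-key open from the viewer process is weak evidence on its own. What makes the same read interesting is when it is paired, in the same process, with something a document viewer has no business doing (spawning a child process, connecting out, dropping a file). The script below is an added example, not part of the sandbox report or the sandbox vendor's code: it takes sandbox-style registry/process events, matches the language-discovery registry paths, and rates each hit by whether the same PID also produced a stronger event. The event schema, the `STRONG_OPS` set and the severity rule are assumptions; the pid-2092 `Key opened` event is taken from the report and every other event is constructed for contrast.

```python
"""Triage language-discovery registry reads from sandbox process events.

Added example, not part of the sandbox report. The Event schema, STRONG_OPS
and the low/high rule are assumptions; only the pid 2092 AcroRd32.exe event
is taken from the report, the remaining sample events are constructed.
"""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass

# Registry paths whose open/read reveals the installed OS language
# (ATT&CK T1614.001). ControlSet001 is the literal path from the report;
# CurrentControlSet is the symlinked spelling the same read can appear under.
LANGUAGE_KEY_RE = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(ControlSet\d{3}|CurrentControlSet)"
    r"\\Control\\Nls\\Language(\\|$)",
    re.IGNORECASE,
)

# Operations that, from the same pid, turn a language lookup from
# "application localisation noise" into something worth a look (assumed names).
STRONG_OPS = {"Process created", "Network connect", "File written"}


@dataclass(frozen=True)
class Event:
    pid: int
    process: str
    op: str      # sandbox operation name, e.g. "Key opened"
    target: str  # registry path, command line, host:port or file path


def is_language_discovery(ev: Event) -> bool:
    """True for an open/read of the NLS\\Language key or a value under it."""
    return ev.op in ("Key opened", "Value read") and bool(LANGUAGE_KEY_RE.match(ev.target))


def triage(events: list[Event]) -> dict[int, dict]:
    """Group events by pid and rate each pid that touched the language key.

    'low'  : language key read and nothing else from that pid (what a
             localised application such as Adobe Reader does on its own).
    'high' : language key read plus a process/network/file-write event from
             the same pid, the pairing a geo-fenced payload would show.
    """
    by_pid: dict[int, list[Event]] = defaultdict(list)
    for ev in events:
        by_pid[ev.pid].append(ev)

    findings: dict[int, dict] = {}
    for pid, evs in by_pid.items():
        lang_hits = [e for e in evs if is_language_discovery(e)]
        if not lang_hits:
            continue
        strong = sorted({e.op for e in evs if e.op in STRONG_OPS})
        findings[pid] = {
            "process": evs[0].process,
            "language_keys": sorted({e.target for e in lang_hits}),
            "corroborating_ops": strong,
            "severity": "high" if strong else "low",
        }
    return findings


# Constructed sample: the first event is the report's IoC, the rest are made up.
SAMPLE_EVENTS = [
    Event(2092, "AcroRd32.exe", "Key opened",
          r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
    Event(2092, "AcroRd32.exe", "Key opened",
          r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0"),
    Event(4100, "AcroRd32.exe", "Value read",
          r"\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language\InstallLanguage"),
    Event(4100, "AcroRd32.exe", "Process created",
          r'"C:\Windows\System32\cmd.exe" /c whoami'),
    Event(3000, "explorer.exe", "Key opened",
          r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"),
]

if __name__ == "__main__":
    for pid, f in triage(SAMPLE_EVENTS).items():
        print(pid, f["process"], f["severity"], f["corroborating_ops"])
```

Run against the report's single event the script rates pid 2092 as low, which is the right reading of this page: the language-key open, the foreground-window polling and the hooks all come from the viewer and none is corroborated by a child process, connection or dropped file. The constructed pid 4100 shows the shape that would justify escalating.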
Processes
- "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\daa9a2a7791ec5eb058800636fa95a81_JaffaCakes118.pdf"
  PID: 2092
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 4d776d25ff3e19cb41b88b812383d3d5
SHA1: 920d6e39f8c0f0e2bb94df59bd34c02d3b24ef8a
SHA256: 2f4403f577328d5035d97580640c03bda66b54bedcf99f7a3b093d253785e620
SHA512: d70fc5e2e328df83e514c530eaa3813a35e045bd365ef902ba569b24aa50619661b2b5757506da2899542510434c2bf3d0f3c7981f4a92a76ababd06fd8757a0