Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
12/09/2024, 19:17
General
-
Target
dce3b49d13f634373bc2f035fddafcba_JaffaCakes118.pdf
-
Size
41KB
-
MD5
dce3b49d13f634373bc2f035fddafcba
-
SHA1
e4f06ed6128b9f6bb7b73aec99565a6cafa560e5
-
SHA256
e8b969a57be7ba21a15b742aa9f92cc78f3a0fe87548531ec5f6eb1753cca572
-
SHA512
61bb18c40026b82d31966048c3634a25cc2c95119569e06001289afbe3ed6ec2bb0e0be1fb1b391bf9af6b2f18d76508acd63ae743524d9ed1eda7ed37b46e41
-
SSDEEP
768:mBgGzpDtp6LPJ9LVsXAYNQA4Ily77dhr3rnLDOqs++0G8AcFerhOGLA/WY4DoUM:ZGFZp6DXr3rnLiqF+Jcw4WY4cUM
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\dce3b49d13f634373bc2f035fddafcba_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5caa5fa691d11f6f6ee67f069b02f1bdf
SHA1576d92efc3499623bb049060ddc45ed8344a31a9
SHA256c1d12cc9fea4c1c71164f0a2c975595c537fb2680ce5ae70327066c240f67c95
SHA51296034f251173ef4cd48594c165b1b86053243d5626bde33e9adcaf2a5f9ba20e4b4772dd0703fb39f51bf2c2b4546a152de73c61c2582ff44fa293cbd504df08