Analysis
- max time kernel: 119s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 30-09-2024 09:14
Behavioral task: behavioral1
- Sample: 008c948196c9dab8391a13d7c4134dbd_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 008c948196c9dab8391a13d7c4134dbd_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: 008c948196c9dab8391a13d7c4134dbd_JaffaCakes118.pdf
- Size: 75KB
- MD5: 008c948196c9dab8391a13d7c4134dbd
- SHA1: 3b567dfb42ac0e9ee523a10da8219b2e53e8758f
- SHA256: b315c2b530c5ccb7c0547bf404dcf135b538ee180c84637fcb6e059b17c26238
- SHA512: 5c18cc2ff8bfb8e4f135f77d6d95322e63a378d1bcf4d81cf2810fc65e4aea734a62e8338b4ddb1f0fcaccd1486a3b521a4b8eb5f42f59f63e531e564999ac57
- SSDEEP: 1536:1u1sOwjr5cyny2YYm2NIGRAobNROpHipYwqecKF:CE54/G1bNOHi7qej
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2920; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2920; Process: AcroRd32.exe
  pid: 2920; Process: AcroRd32.exe
  pid: 2920; Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\008c948196c9dab8391a13d7c4134dbd_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2920
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: ac95e49b0768da5cbdf729e5d4edb525
  SHA1: 7257c27a12f3ce6e659a1181265aff067f20941d
  SHA256: a0afe46f792742ee7cd28cb7afe3bdb4d37f78c6e6d7f1da9c209fd752fa87c5
  SHA512: 8aceedc61006cdf6874fd917ec4420eb0dc9ec8a1d21f5f8394d136c59265170838862f8f5f4199475420aabc3299eac4f36579722e5546cc5bc1ef1b2bd4862