Analysis
max time kernel: 120s
max time network: 126s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 30-09-2024 09:43
Behavioral task behavioral1
Sample: 00b02fc878456b3d8d3f687462f30513_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task behavioral2
Sample: 00b02fc878456b3d8d3f687462f30513_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: 00b02fc878456b3d8d3f687462f30513_JaffaCakes118.pdf
Size: 246KB
MD5: 00b02fc878456b3d8d3f687462f30513
SHA1: fda59c135d5beb287ecfa58376a4acefe6968243
SHA256: 20058d8ddbb73066f4ce90663a8cb7ddd8a8c415f23aa05d1d0927ea52e9d8f7
SHA512: 87109672f31e5b21ad318d9748483b1226abe5e8c5d43b0d4f98f4f59492f4748326b801460be2c35beecf9521892a2d53aeafecce4eb83668d15c32c45d873c
SSDEEP: 6144:9nVtc8651tJ7qlYzF2lX/5/QTdomOC4sKf:9m51tJGlYh2lxcdNSsY
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2712, process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2712, process: AcroRd32.exe (3 occurrences)
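The three signatures above are the whole behavioural picture this report gives: the only process is AcroRd32.exe itself, no child process is listed, and the Network section is empty, so a single open of the NLS\Language key by the reader is consistent with ordinary locale handling and is weak evidence on its own. The practical problem for an analyst is turning rows like these into rule matches, and the snag is path form: the sandbox records the native path \REGISTRY\MACHINE\SYSTEM\ControlSet001\..., while rules are normally written against HKLM\SYSTEM\CurrentControlSet\.... The following is an added example, not part of the sandbox report or any vendor API, that normalises both forms before matching and maps hits back to the report's signature names; the event records, rule table and helper names are this example's own constructions. Count-based signatures such as GetForegroundWindowSpam need a frequency threshold and are not modelled here.

```python
"""Map sandbox registry/API IoC rows to the signatures named in the report.

Added example, not part of the sandbox report. The event records, rule
table and helper names below are this example's own constructions.
"""
import re
from dataclasses import dataclass

# Sandbox reports record native registry paths (\REGISTRY\MACHINE\...) and a
# concrete control set (ControlSet001). Rules are usually written against the
# Win32 view (HKLM\SYSTEM\CurrentControlSet\...), so both are canonicalised
# to one form before comparison.
_HIVE_ALIASES = {
    r"\REGISTRY\MACHINE": "HKLM",
    r"\REGISTRY\USER": "HKU",
    "HKEY_LOCAL_MACHINE": "HKLM",
    "HKEY_USERS": "HKU",
}
_CONTROLSET_RE = re.compile(r"\\ControlSet\d{3}\\", re.IGNORECASE)


def normalize_key(path: str) -> str:
    """Canonical form: short hive name, CurrentControlSet, upper-cased."""
    p = path.strip().replace("/", "\\")
    for native, short in _HIVE_ALIASES.items():
        if p.upper().startswith(native.upper()):
            p = short + p[len(native):]
            break
    p = _CONTROLSET_RE.sub(r"\\CurrentControlSet\\", p)
    return p.upper()


@dataclass(frozen=True)
class Event:
    pid: int
    process: str
    kind: str    # "registry" (value is a key path) or "api" (value is an API name)
    value: str


# (kind, canonical value, ATT&CK technique or None, signature name).
# Only the language-discovery signature carries a TTP in the report; the
# hook signature is reported without one, so it gets None here.
RULES = [
    ("registry",
     normalize_key(r"HKLM\SYSTEM\CurrentControlSet\Control\NLS\Language"),
     "T1614.001", "System Location Discovery: System Language Discovery"),
    ("api", "SETWINDOWSHOOKEX", None, "Suspicious use of SetWindowsHookEx"),
]


def match_events(events):
    """Return (pid, process, technique, signature, ioc_count) per rule hit,
    aggregated per process so the count mirrors the report's "N IoCs"."""
    hits = {}
    for ev in events:
        val = normalize_key(ev.value) if ev.kind == "registry" else ev.value.upper()
        for kind, pattern, tid, sig in RULES:
            if ev.kind == kind and val == pattern:
                key = (ev.pid, ev.process, tid, sig)
                hits[key] = hits.get(key, 0) + 1
    # Sort on pid, process and signature name; technique may be None.
    ordered = sorted(hits.items(), key=lambda kv: (kv[0][0], kv[0][1], kv[0][3]))
    return [(*k, n) for k, n in ordered]


# Constructed events mirroring the report's rows: one NLS\Language key open
# and three SetWindowsHookEx calls from AcroRd32.exe (pid 2712), plus one
# unrelated key open that must not match anything.
SAMPLE_EVENTS = [
    Event(2712, "AcroRd32.exe", "registry",
          r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
    Event(2712, "AcroRd32.exe", "registry",
          r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"),
    Event(2712, "AcroRd32.exe", "api", "SetWindowsHookEx"),
    Event(2712, "AcroRd32.exe", "api", "SetWindowsHookEx"),
    Event(2712, "AcroRd32.exe", "api", "SetWindowsHookEx"),
]

if __name__ == "__main__":
    for pid, proc, tid, sig, n in match_events(SAMPLE_EVENTS):
        print(f"{proc} (pid {pid}): {sig} [{tid or 'no TTP'}] {n} IoC(s)")
```

The normalisation step is what makes a rule written once match both Win7 and Win10 traces: the aliases fold the native and Win32 hive names together, and any ControlSetNNN is rewritten to CurrentControlSet, since which numbered set is current is an artefact of the image, not of the sample.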
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00b02fc878456b3d8d3f687462f30513_JaffaCakes118.pdf"
PID: 2712
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 4f2884d635de4bdd7adb05de9b0c65bc
SHA1: 1f0900ae5792238ea7eb3cc97955096d5bc75d0b
SHA256: 82a0bdab3b39f3b08922b237c91df881809f24d55f91f25a8022d4db6ef0e4de
SHA512: 520fd02a93253698a9cd060e587f45ce7af79bb9a8d9699ffd610445b4069921fe749e05bb65e05a33abcc468472debe91e477fe9ff99db5922e14723b2f5880