Analysis
- max time kernel: 122s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 01/10/2024, 08:17
Behavioral task: behavioral1
- Sample: 04ffc097f062a9ca5723f7afaf9defda_JaffaCakes118.pdf
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: 04ffc097f062a9ca5723f7afaf9defda_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: 04ffc097f062a9ca5723f7afaf9defda_JaffaCakes118.pdf
- Size: 73KB
- MD5: 04ffc097f062a9ca5723f7afaf9defda
- SHA1: b15ff02ccd93d005832b7b498a7bb9465f6f89e4
- SHA256: 6e107ecfdd36970b508ce0aab39e3fe80747cb936f0d6e3a553685e784bf2080
- SHA512: 55ce0b4e91b51b9611f114369691c0b24c19fb5e6f423ccd47f3c23475c815d307074ca19cab3cdab48326ba17042376267561f6faef0a246197d53606ad02d6
- SSDEEP: 1536:hT/9fSc7fpKGLFY72z2O5tZiZPnjE3nJhqRxYhP/GJrZNRTYggUFalhlCOCuN7:B/9qc7pKYY7hO3gZPnjwCYMJrR8gg3hd
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description   ioc                                                          Process
  Key opened    \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language  AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid   Process
  2084  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  2084  AcroRd32.exe
  2084  AcroRd32.exe
  2084  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\04ffc097f062a9ca5723f7afaf9defda_JaffaCakes118.pdf"
  PID: 2084
  Signatures:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 56daf7b2b9f544d55ebb0fcdcd84d32d
  SHA1: cab0b44c338bff45975d5b37ca3eb66563238da7
  SHA256: f93d521aff8534bf56dfc921b9e325d9406266aa8b9cb90e78295b831472381d
  SHA512: dec5882ffe0be02feb6ffcf66539336452239921e7f8ef98dcf04fda1e375c14ac6c7ba462a87931696dbbea18356b4795b98e51b808e237a78bb0a87ed72f69