Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 02-10-2024 00:44
Behavioral task: behavioral1
Sample: 081ba7d06963f58891d0d8b3cb14d4c8_JaffaCakes118.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 081ba7d06963f58891d0d8b3cb14d4c8_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: 081ba7d06963f58891d0d8b3cb14d4c8_JaffaCakes118.pdf
Size: 35KB
MD5: 081ba7d06963f58891d0d8b3cb14d4c8
SHA1: efa85ee56bb592e4956255f90f9b48d15b6bbf8b
SHA256: 7de47a0566a84ed6a0acf215b44597fe38095f625727392c3074b85046e83698
SHA512: 2fafe9cf692018817974a10cd4aa11672aacda89fe9548e4f0528194796b8b5261452bd0a6032de04383c2dbdbbcf848ab2b67ea43b432d84b27a0423d6e46b2
SSDEEP: 768:9DuVQ5rCuxjemtp2a0Oq1UViBgqf5JCVewEOlb5rJCz6vh7eA3NUEYSJmrqQ6I:9DuVQ5mucq4a0Oq1UViBgqfAewEOlvXq
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim host in order to infer its geographical location.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
PID: 3032 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
PID: 3032 | Process: AcroRd32.exe (four occurrences, all from the same process)
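The signature above attributes the registry read to AcroRd32.exe. As an added example (not code from the sandbox report or its vendor), the Python below parses constructed sandbox-style "Key opened" lines in the shape of the IoC row, normalises the native \REGISTRY\MACHINE path to HKLM form, flags reads of the NLS\Language key that MITRE ATT&CK classes as T1614.001, and records whether the reading process is on a caller-supplied allow-list. That last field is the practical caveat: document readers, browsers and installers query this key for localisation, so a read by AcroRd32.exe is expected and the signature alone is a weak indicator. The CurrentControlSet alias, the sample event lines, the process name dropper.exe and PID 4100 are assumptions constructed for the example, not facts from the report.

```python
"""Triage sandbox registry events for T1614.001 (System Language Discovery).

Added example; not code from the sandbox report or its vendor. Input lines
are constructed here in the shape of the report's IoC row:
    "<event> <registry key> <process> <pid>"
"""
import re
from dataclasses import dataclass

# Keys the report's signature maps to System Language Discovery. The
# ControlSet001 path is the one in the report; the CurrentControlSet form
# is an assumption (it is a symbolic link to the active control set).
LANGUAGE_KEYS = {
    r"HKLM\SYSTEM\ControlSet001\Control\NLS\Language",
    r"HKLM\SYSTEM\CurrentControlSet\Control\NLS\Language",
}
_LANGUAGE_KEYS_LOWER = {k.lower() for k in LANGUAGE_KEYS}

# Native NT object-manager prefixes (what sandboxes log) -> hive shorthand.
_NATIVE_PREFIXES = (
    ("\\REGISTRY\\MACHINE\\", "HKLM\\"),
    ("\\REGISTRY\\USER\\", "HKU\\"),
)

# Event name, then the key (may contain spaces), then process name and PID.
_LINE_RE = re.compile(
    r"^(?P<event>Key opened|Key created|Value set)\s+"
    r"(?P<key>.+?)\s+(?P<proc>\S+)\s+(?P<pid>\d+)$"
)


@dataclass
class Hit:
    pid: int
    process: str
    key: str
    allowlisted: bool


def normalise_key(path: str) -> str:
    """Rewrite \\REGISTRY\\MACHINE\\... to HKLM\\... and drop a trailing backslash."""
    p = path.strip().rstrip("\\")
    for native, hive in _NATIVE_PREFIXES:
        if p.upper().startswith(native.upper()):
            return hive + p[len(native):]
    return p


def find_language_discovery(lines, allowlist=()):
    """Return a Hit for every parsed event line that opens a language key."""
    allow = {name.lower() for name in allowlist}
    hits = []
    for line in lines:
        m = _LINE_RE.match(line.strip())
        if not m:
            continue  # not an event line in the expected shape
        key = normalise_key(m["key"])
        if key.lower() in _LANGUAGE_KEYS_LOWER:
            hits.append(Hit(int(m["pid"]), m["proc"], key,
                            m["proc"].lower() in allow))
    return hits


def unexplained(hits):
    """Hits from processes with no known localisation reason to read the key."""
    return [h for h in hits if not h.allowlisted]


# Constructed sample events. The first line mirrors the report's IoC row;
# the rest, including dropper.exe and PID 4100, are assumptions for the example.
SAMPLE_EVENTS = [
    r"Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language AcroRd32.exe 3032",
    r"Key opened \REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0 AcroRd32.exe 3032",
    r"Key opened \REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\NLS\Language dropper.exe 4100",
    r"Value set \REGISTRY\USER\S-1-5-21-1000\Software\Microsoft\Windows\CurrentVersion\Run dropper.exe 4100",
]

if __name__ == "__main__":
    found = find_language_discovery(SAMPLE_EVENTS, allowlist=["AcroRd32.exe"])
    for h in found:
        tag = "allow-listed" if h.allowlisted else "UNEXPLAINED"
        print(f"PID {h.pid} {h.process}: {h.key} [{tag}]")
```

The allow-list is deliberately keyed on process name only; in a real pipeline you would match on image path and signer as well, because a dropper can name itself AcroRd32.exe.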
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\081ba7d06963f58891d0d8b3cb14d4c8_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 3032
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 3f0d173d912878e1f7a1947a44656368
SHA1: a30dd0a68e2cbda558f5355b2842247c03763cff
SHA256: 63f3d8127f0792188552922e7aaf378e0d5cc387bc587e19ec9cfabcd401dc45
SHA512: 7e4a730e9978c097f2d5fba4d8753b5bfa6821c349f11c571ebe707ef2ee9ce412c3a94fb1fb885b398db6e6e38c156b3a53dd1d53c893163e96cd7d9d39d6e1