Analysis
max time kernel: 96s
max time network: 19s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 02-10-2024 01:38
Behavioral task: behavioral1
Sample: 0849e770fd3903470158355c9f5b98ad_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0849e770fd3903470158355c9f5b98ad_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: 0849e770fd3903470158355c9f5b98ad_JaffaCakes118.pdf
Size: 76KB
MD5: 0849e770fd3903470158355c9f5b98ad
SHA1: dfca12b6ac951bf905b78bc968488121d6b2f8f9
SHA256: e06be26f4ef012a576ff61e9e1c731330b9b3dcd14b16a318b768e3ed3436ef7
SHA512: 84cf74763b6a300db9bb61739cc9b88556c768a44d47ffaea6c9c68ea6f72b8fb4b17e05d7aaa1325f02a8dcfe99b47ca42cf54f6e8bcc1393bdfed18186f21e
SSDEEP: 1536:03Wp8sU9xTRwTPdIeUqAB1ge6zPtEp/WNRv0/whp6HYWwpOSbPd:OApUNw+JGe6zP/0/whpanSh
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2716; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2716; Process: AcroRd32.exe (all three IoCs from this process)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0849e770fd3903470158355c9f5b98ad_JaffaCakes118.pdf"
PID: 2716
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 46cf867c1c8858fc515200dba9d845ff
SHA1: c5d4981411232ea2b60eeb05d2d9ac64a203a94e
SHA256: 52712af761a2652e25b40f9c85d7c0f6452285f658aa9e2a8cd5a81bf386c6e4
SHA512: 3111caa99d789c375d2bf77a2c0ddc61f25a323da85a4836d4bfb0b6281f0bd51202b328966595c7151b7072be740bdc31c5bcdd586a6c09ea1936d554fc946e