Analysis
max time kernel: 94s
max time network: 18s
platform: windows7_x64
resource: win7-20240729-en
resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
submitted: 02-10-2024 01:23

Behavioral task: behavioral1
Sample: 083c869c75d212b7d0748d4d2cbce1f8_JaffaCakes118.pdf
Resource: win7-20240729-en

Behavioral task: behavioral2
Sample: 083c869c75d212b7d0748d4d2cbce1f8_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: 083c869c75d212b7d0748d4d2cbce1f8_JaffaCakes118.pdf
Size: 65KB
MD5: 083c869c75d212b7d0748d4d2cbce1f8
SHA1: de1cacd38655bd5bacfdaa3fc1d31091a6e32410
SHA256: cc5c9b8d614fde21e0d4fb1df1e5f995d6b64c981e859efa18fb47b32e99432c
SHA512: b4072b8f660343ceeaa7469a97828bd81b57b65fc9c8582b290e53887fcb8a3b8d593fc57a464e8a04b0e5ac2d47ec54f7c5ba07b14abaafba51acfc488d3620
SSDEEP: 1536:+93jGu4xqoGixCYoONDYUKl7eTZObgTF9wOw+QbJUJL6hVvv88jDVTX:PHvSY1ND8l7e9v1fQ9vhVU6D1
Malware Config

Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2328, Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2328, Process: AcroRd32.exe
pid: 2328, Process: AcroRd32.exe
pid: 2328, Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\083c869c75d212b7d0748d4d2cbce1f8_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2328
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 77ae1f126eece376218ab8234ad81578
SHA1: 4cda78da484ded9d7e90eb8c2daaef8d21cbb1f4
SHA256: daa74b1d875394391fb4a4235e659196878e078913046555788e18367f002e60
SHA512: 7bdf8c6e3daacf51acdaea0cdd74e4036cac897d996c0edc03051510ac541f033703616447953769b8262ef72ec5448d415d175303e2391855144ce890f94de0