Analysis
-
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 02-10-2024 01:29
Behavioral task: behavioral1
Sample: 0841f2e931cec80038db1edcc2c2de30_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0841f2e931cec80038db1edcc2c2de30_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
-
Target: 0841f2e931cec80038db1edcc2c2de30_JaffaCakes118.pdf
Size: 77KB
MD5: 0841f2e931cec80038db1edcc2c2de30
SHA1: 2c631cacea21e149d0a076abe4070e2006478610
SHA256: c0614374e18aa93e0c099c037282384ea1a32b6785641e23c1b60c653a15ae4e
SHA512: b40afe6f6f1b8a73e9c000fc96bfa54a1553ab916808958ae352bd1e572e9b05650576a3ef902aa2943448232df0aa4f23b11c02401ea112cf2888463d03dedf
SSDEEP: 1536:O4rwas4i6+vGvm4two+WPbmcNeal5dK6hHXWsjRGpuo:JEx4igmhTWPy2vdr3WuGL
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid Process
3068 AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid Process
3068 AcroRd32.exe
3068 AcroRd32.exe
3068 AcroRd32.exe
Processes
-
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0841f2e931cec80038db1edcc2c2de30_JaffaCakes118.pdf"
PID: 3068
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
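The three signatures and the single-process tree above are enough to reconstruct what the sandbox matched on. The Python below is an added example for this page, not Triage's signature engine and not code from the report: it re-implements the three checks over a constructed event trace (the event tuples, the 50-call spam threshold and the suffix match on the NLS\Language key are assumptions) and, going beyond the page, adds a child-process check, because a document viewer opening the NLS key or installing a window hook is routine behavior, whereas a process spawned under AcroRd32.exe would be the stronger indicator. The report here lists only the reader process itself.

```python
"""Re-implementation of the three behavioral signatures in the report, run over a
constructed event trace.  Added example, not Triage's own engine; the event
schema and the thresholds are assumptions."""
from collections import defaultdict

# Constructed sandbox-style events, not the report's raw trace.
# Each event: (pid, image, kind, detail)
EVENTS = [
    (3068, "AcroRd32.exe", "regopen",
     r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
    (3068, "AcroRd32.exe", "api", "SetWindowsHookEx"),
    (3068, "AcroRd32.exe", "api", "SetWindowsHookEx"),
    (3068, "AcroRd32.exe", "api", "SetWindowsHookEx"),
] + [(3068, "AcroRd32.exe", "api", "GetForegroundWindow")] * 60 + [
    (3068, "AcroRd32.exe", "regopen",
     r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0"),
]

# Suffix of the key named in the report's System Language Discovery IoC.
NLS_LANGUAGE_KEY = r"\control\nls\language"
# Assumed threshold; the report does not state how many calls count as "spam".
FOREGROUND_SPAM_THRESHOLD = 50


def match_signatures(events):
    """Return {signature_name: [ioc, ...]} using the report's own signature names."""
    hits = defaultdict(list)
    foreground_calls = defaultdict(int)  # (pid, image) -> number of calls
    for pid, image, kind, detail in events:
        if kind == "regopen" and detail.lower().endswith(NLS_LANGUAGE_KEY):
            hits["System Location Discovery: System Language Discovery"].append(
                f"Key opened {detail} {image}")
        elif kind == "api" and detail == "SetWindowsHookEx":
            # One IoC per call, which is why the report shows the same pid three times.
            hits["Suspicious use of SetWindowsHookEx"].append(f"{pid} {image}")
        elif kind == "api" and detail == "GetForegroundWindow":
            foreground_calls[(pid, image)] += 1
    for (pid, image), n in foreground_calls.items():
        if n >= FOREGROUND_SPAM_THRESHOLD:
            hits["Suspicious behavior: GetForegroundWindowSpam"].append(f"{pid} {image}")
    return dict(hits)


def child_processes(process_tree, parent_image="AcroRd32.exe"):
    """Beyond the page: list anything spawned under the reader.

    process_tree is a list of (pid, image, parent_image); parent_image is None
    for the root.  An empty result, as in this report, means the reader ran alone."""
    return [(pid, image) for pid, image, parent in process_tree
            if parent == parent_image]


if __name__ == "__main__":
    for name, iocs in match_signatures(EVENTS).items():
        print(f"{name} ({len(iocs)} IoCs)")
        for ioc in iocs:
            print("   ", ioc)
    print("children of AcroRd32.exe:",
          child_processes([(3068, "AcroRd32.exe", None)]))
```

Run against the constructed trace it reproduces the report's counts (1, 1 and 3 IoCs, all on pid 3068) and an empty child list; feeding it a tree with a cmd.exe or powershell.exe under the reader is what would change the verdict.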
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize: 3KB
MD5: 020fed10c992b108c54f8797fabe7004
SHA1: cc1146fdbc47447292951483d945054bdaac22dc
SHA256: 51233e9c94b9327a915f8e5621a018a67ad7da8692b21043ddfd4b310d066f71
SHA512: a8d15a09342ff50938459aa756857f51e2af8bec90b6785f68d360ed667f78bd44e91006355ff53818b9d3898eb8cd2ece31b4288de40ca3b5568806d5d99411