Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
02/10/2024, 06:02
General
-
Target
0938a1c11f371aba49517aed006e972e_JaffaCakes118.pdf
-
Size
73KB
-
MD5
0938a1c11f371aba49517aed006e972e
-
SHA1
0adda5ae72f482daf60aeef100a6dac2d1958bfd
-
SHA256
a4295f919832a8f4d4396f65bc7f838bf9439df8f2ee80b59fb1f5e738ffefc5
-
SHA512
128943c93ab271da6429e543ec830d71f08073e8ea0d3640dda824acfb95f47aac0d399523424747498e7fe2094b381d652e1f6bc0d95b462114ff08dcd2256b
-
SSDEEP
1536:UdbRMi/MQLSeoaofT3yMe9xO+WGpOKCWDCkQwoge1SxYsEm7ki8:ibMQuuofGMez+Ktewo3uYsEf
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0938a1c11f371aba49517aed006e972e_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5ea7476867214ee3d954b543b1d5caab5
SHA131276307501490d65544a973af2aba99ac6bb5bc
SHA256b30a66b1ba021ec47fb05eafb08f595abcf69d10da13d5d35f5769a476aeccc6
SHA51231cbe6e8f4abd6dbcc29b5e162d68783973147632bc96a8439b419c3fc0fded70babad1c8d27a403f22ae67d60ed4fe5b6010f2ace44a7f06a00b9402a69ba58