Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
02-10-2024 10:50
General
-
Target
0a4b309faff31c642b2e629e48817dd5_JaffaCakes118.pdf
-
Size
98KB
-
MD5
0a4b309faff31c642b2e629e48817dd5
-
SHA1
464a8e9ae838fb11f2f75f7d882eac5549e506c3
-
SHA256
3094e411933a8f0c499637b58b5c8c25212ff68072442ef465871cee12dd0c4e
-
SHA512
372e0857eff17b7eeda417062f6995fc13d4d1e955507bdd961e65685447e2f14cc39f72573f0de65f9c81c95d14a908c777c42c00ec938daf231be0e8a1b705
-
SSDEEP
3072:Va0OWQNCZ/64J+fdiO/SgPqZ/BfSwr1rOSblL:VXOWQwZS4J+foR/PrdN
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0a4b309faff31c642b2e629e48817dd5_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5800e69294a2ef1d1ef7f17d8f5b2eb0f
SHA10079a34d65a986b68b215fc7b58fa802415dcce2
SHA256440e3064d3db86a72c3722f1c6ca52efaf3858d46f9b87401a3dac6335dbec6a
SHA5121a0031a7352a84b3a641c2d4ec646dbd9a6fab0dd778f675df061483c7cea104cd26a036ec7dcb52168dba3ec7205f5ce34d855abec1b6bf6f4cae513ecf2669