Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 02-10-2024 15:32
Behavioral task: behavioral1
Sample: 0b5f2be7fbd05941385c110602eb38e0_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 0b5f2be7fbd05941385c110602eb38e0_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: 0b5f2be7fbd05941385c110602eb38e0_JaffaCakes118.pdf
Size: 83KB
MD5: 0b5f2be7fbd05941385c110602eb38e0
SHA1: 6c9f3766901f44d46cadcd430ee620023a37cb8d
SHA256: 506b6c0bc2137fb1fd69807e2153b8369eba382d45bf25e1e97606ee98431b77
SHA512: ad21e2db4d51b1b0c984da9f5d3a8589c6179f5829c3f66e05cd2e7eb2ac0d267c88622f14beed172fa96f039b1adcd0c47f078da7311e69ec8bb2280591c393
SSDEEP: 1536:8D7Rbdd2+2roKhl2y7g9hQ3bN2cWVsfCMXah79Wu2TkJJqwuqG8WmpOSkKYZ:8dbq8KhIysHQ3bccTbX4CkfTGRSW
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid | Process
1244 | AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid | Process
1244 | AcroRd32.exe
1244 | AcroRd32.exe
1244 | AcroRd32.exe
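The language-discovery signature above fires on a single registry open of the NLS\Language key. The following is an added example of detection logic for that behaviour, written for this page and not part of the Triage report or of the sample's code: it scans process-monitoring events for opens or reads of that key and reports the process and PID responsible. The tab-separated event format and the sample lines are constructed for the example; the pattern goes beyond the one IoC shown by also accepting HKLM-style paths, CurrentControlSet, and any ControlSet number, which is how Sysmon and Procmon write the same key. Opening this key is ordinary behaviour for many applications, so a hit is triage context rather than a verdict.

```python
"""Flag registry opens/reads of the NLS\\Language key in process-monitoring events.

Added example, not part of the sandbox report. The event format below is a
constructed simplification: one event per line, tab-separated fields
<process>\t<pid>\t<operation>\t<key>.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List, Tuple

# Registry path the report's "System Language Discovery" signature keys on.
# The sandbox writes it as \REGISTRY\MACHINE\...; Sysmon/Procmon write HKLM\...
# and may use CurrentControlSet, so accept either prefix and any ControlSet number.
NLS_LANGUAGE_RE = re.compile(
    r"^(?:\\REGISTRY\\MACHINE|HKLM|HKEY_LOCAL_MACHINE)\\SYSTEM\\"
    r"(?:CurrentControlSet|ControlSet\d{3})\\Control\\NLS\\Language(?:\\.*)?$",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class RegistryEvent:
    process: str
    pid: int
    operation: str  # e.g. "Key opened", "RegOpenKey", "RegQueryValue"
    key: str


def parse_event(line: str) -> RegistryEvent:
    """Parse one constructed log line into a RegistryEvent."""
    process, pid, operation, key = line.rstrip("\r\n").split("\t", 3)
    return RegistryEvent(process, int(pid), operation, key)


def is_language_discovery(ev: RegistryEvent) -> bool:
    """True when the event touches the NLS\\Language key or one of its subkeys."""
    return NLS_LANGUAGE_RE.match(ev.key) is not None


def find_language_discovery(lines: Iterable[str]) -> List[Tuple[int, str]]:
    """Return (pid, process) pairs that touched the key, in first-seen order, deduplicated."""
    hits: List[Tuple[int, str]] = []
    seen = set()
    for line in lines:
        if not line.strip():
            continue
        ev = parse_event(line)
        if is_language_discovery(ev) and (ev.pid, ev.process) not in seen:
            seen.add((ev.pid, ev.process))
            hits.append((ev.pid, ev.process))
    return hits


# Constructed sample events modelled on the report's IoC; not captured data.
SAMPLE_LOG = (
    "AcroRd32.exe\t1244\tKey opened\t\\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language\n"
    "AcroRd32.exe\t1244\tKey opened\t\\REGISTRY\\MACHINE\\SOFTWARE\\Adobe\\Acrobat Reader\\9.0\n"
    "explorer.exe\t1320\tRegOpenKey\tHKLM\\SYSTEM\\CurrentControlSet\\Control\\NLS\\Language\\Default\n"
    "svchost.exe\t804\tRegQueryValue\tHKLM\\SYSTEM\\ControlSet001\\Control\\NLS\\Locale\n"
)

if __name__ == "__main__":
    for pid, proc in find_language_discovery(SAMPLE_LOG.splitlines(keepends=True)):
        print(f"System Language Discovery: PID {pid} {proc}")
```

On the constructed log the first and third lines match (the third through a subkey of NLS\Language); the NLS\Locale read on the fourth line is deliberately excluded so the check stays narrow to the key the signature names.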
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0b5f2be7fbd05941385c110602eb38e0_JaffaCakes118.pdf"
PID: 1244
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 4de07420b4ba0d165b166feb1be66c87
SHA1: b6b4d68ed8a4457837335899fb3e59805e4b3cc9
SHA256: 21b5af7d7a3736cb9a757f7741a6650c88578bc776eb6ae4b1ab312839b6afd5
SHA512: 0ddc8f2cbfae514661fe6167ee8db0cb9f9e6514b1071f8ecb43110776953cf57b70bfe47bbe75ac574a32ee6b246db173e81ff5cd9e05ad19acbeabd658c6ad