Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system -
submitted
03-10-2024 06:02
Behavioral task
behavioral1
Sample
0e45976e34a2b842721687e9243874ea_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0e45976e34a2b842721687e9243874ea_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
0e45976e34a2b842721687e9243874ea_JaffaCakes118.pdf
-
Size
88KB
-
MD5
0e45976e34a2b842721687e9243874ea
-
SHA1
d5399b7fb668cd6c4d0f18fc45d2f561d24e83f3
-
SHA256
de90088db1df30ca9cca4dccd21e3b1a63339e5e289d944ec7759254cd32ad8b
-
SHA512
148a6f43d3df1f54a034382b66ae82cd0a7954a80b625ef76b0da2b8172e1aab8a8556d52f569b8583f02dd420c63196128be3d9dceb9c0cc2c1c4cfbfbd1c01
-
SSDEEP
1536:M6QxCNxQJNf53PszIyaXv+zUXTkozre6vPd9PKM/TAw4I9cH/HLdPWOpOZyWvBGR:r5IJNBfAIftDkozrvviM7f9cHvLdoZtc
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
PID: 684
Process: AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
PID: 684
Process: AcroRd32.exe
PID: 684
Process: AcroRd32.exe
PID: 684
Process: AcroRd32.exe
Processes
-
Executable
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0e45976e34a2b842721687e9243874ea_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 684
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
77eb350fd20493f5f65749e585a04f04
SHA1
238d527bc5ca31f216816c89c6cbf9adc3a9a1c2
SHA256
66a75e3a8275aaffc5b1e4b010e41a9988e867883a5c802755f5befd5ab5326a
SHA512
eb84900027fa5238e398e678450803433d0ff969c8c94c145978c3a26b4ca72ef025a1d2fc681dfc511bc11713f489ffc05e11a32470c9c3d69ab96aa809e10f