Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted: 04/10/2024, 21:42
Behavioral task: behavioral1
Sample: 15042ff0d07298a456a8e6e8bc051aa2_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 15042ff0d07298a456a8e6e8bc051aa2_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: 15042ff0d07298a456a8e6e8bc051aa2_JaffaCakes118.pdf
Size: 79KB
MD5: 15042ff0d07298a456a8e6e8bc051aa2
SHA1: e8bed78af5b9ed0614572129b5dbb7f2b5f6b5a9
SHA256: 0ccec795ca94a447fe79001892fa99ad87bdcb730a10265be52e4d4164a0b9fc
SHA512: a089ba1218bceac82a5ae89c311dcfe995915f9abf29e74d6cb4f1bd6c9cc9c1147e438b703d62c58e4dade9adac86c13d780160e2ef033219b6ad95064bb213
SSDEEP: 1536:X88b3INaKkGcpymm6lXIOIGmM1coYvMbyP8BL1MW6pOu26WC1xCgdBWHA7:MCYUkB6NmM1colyP8BL1Fu2gP5bWk
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2204 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2204 | Process: AcroRd32.exe
pid: 2204 | Process: AcroRd32.exe
pid: 2204 | Process: AcroRd32.exe
Processes
Path: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\15042ff0d07298a456a8e6e8bc051aa2_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2204
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: fd8257b97a3bccda8b8e9433c9ae5f30
SHA1: 80ec6c253c76d1e25b61fc506a9af8471dc58319
SHA256: 8233fdbb63321a1936127abf8c6de4eaf6d4cb16493afcfd9f4af0c9d16a4aeb
SHA512: 2c0e2d5d8467b540a60e1f83409cb8d9faf8796ec8e090c04e92f263f3e60c320a23390ca293f904be90954be3efe3033f50e8e253523ff1e860703d33b42bf8