Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    04/10/2024, 14:27

General

  • Target

    13bae8691787b801e02f742ccad18f3b_JaffaCakes118.pdf

  • Size

    80KB

  • MD5

    13bae8691787b801e02f742ccad18f3b

  • SHA1

    0859e5ddbe90851e7173a9832be764a3ef8ee94b

  • SHA256

    bed7f18f06bcaf00edd4d606aff0fbc8b0b4be36ba7f716e3a7b1fe93700f1a1

  • SHA512

    c665a2ae1a780974c7ad386b0481aa5baa0755fe47dcacc01ec02371eafd07497fd8c84c7f9f3f364a6b23e7293f64da56c1bdf480411f54b895e6226ac2fe83

  • SSDEEP

    1536:KFRgP/6iipMjMpq8Dpit8c/u1XvQj1arZ8566WveBr:GRY6ii+jMo8Dwt8cmRYsrZ8566Wva

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\13bae8691787b801e02f742ccad18f3b_JaffaCakes118.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1812

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    955b499d3152d885ed2896f597b94629

    SHA1

    0a47691e87c3d455935d406673a646f4cf69c9d9

    SHA256

    38451d7ef01e84849d2975611c94f61222340dbd09683c34360778bc95304c8f

    SHA512

    97f44496cdf3e5963a6acc807aef280eba9ff157d9492e30b43405e50be385baea88e6a309c1e218ad7e34f4275e5f7850bf321811c39394091d9a7bd68cfc79