Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
04/10/2024, 20:44
General
-
Target
14db8f4110e3823a237e9b36f807a34c_JaffaCakes118.pdf
-
Size
71KB
-
MD5
14db8f4110e3823a237e9b36f807a34c
-
SHA1
3028fa43a93932130f30f89b8b3c0180ceb023fb
-
SHA256
80f1d9d9a8f7a9aeb29e24a2a23e49c543aeb75f6842b96d4460962a14bc66f4
-
SHA512
62ca2a8824ba76cc13b362e4f2789aae71fa7b5e837ecbac7a2487767f4e2edfe6d525c7b7f0194be97474f9d0f2cde08518d2d67ad79a0808e2e7fd32d31b90
-
SSDEEP
1536:x0bt0HDKNWnBZWj4o6ZU2tD2BvlBhtXf8azJptYewAOvfwU:6t0HDyWnBLowUiidDfzb+BAOvj
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\14db8f4110e3823a237e9b36f807a34c_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f0675b908edf45764ef7b7eca96805bf
SHA1fa6724026683d1603de32cdbe5f336cf17b2a750
SHA2560cf4d22a73e74f00df81a0ec4424bbe24490bde79e29c97210122452c1be6807
SHA51299e0e4f6620556c7df61904d20797881c17da17fcc5ae343d7d6df7d7182b293ddd13e77f32853da29d2e02d65e1ee3539095d4af5f55df21716c5c4282fe931