Analysis
- max time kernel: 121s
- max time network: 125s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 08-10-2024 22:02
Behavioral task: behavioral1
- Sample: 261b486b661063a48a79f9ee1719d216_JaffaCakes118.pdf
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: 261b486b661063a48a79f9ee1719d216_JaffaCakes118.pdf
- Resource: win10v2004-20241007-en
General
- Target: 261b486b661063a48a79f9ee1719d216_JaffaCakes118.pdf
- Size: 101KB
- MD5: 261b486b661063a48a79f9ee1719d216
- SHA1: bdfca8fa14b863049ce90ff6d546820a57bfe7dd
- SHA256: e496e32175e0b66af87837ad69156e1d8c2b5540326d3751cdc0d4391cc8bcd0
- SHA512: b227251b9c03055291b11ccce6631a081c70543ddc190facb973381c817142515f0b7bfb5b948b634cad035b73c5d99f2b68f49c20070eebbed05f31e3b15dca
- SSDEEP: 3072:gfCl+e7JmhP8FnbZXAxXSRvIcqFtaJt3GSxw6CrR4CDD:gfCke7MFWnBAxX44QxGZP
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 1352; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 1352; Process: AcroRd32.exe (3 occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\261b486b661063a48a79f9ee1719d216_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1352
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 8460bb0bbeec2c74e970ebdfc28c9923
  SHA1: f43a5eacd78b01652726152b42ab2cf606b7d2a7
  SHA256: 71e537e7108ceef064c55b4cc36224980f003b293c838f500b98abf6062fce65
  SHA512: a7e379eae682c0f64fb4d10b6e0facb231d241d61be04433d7bda17b0784d43e9c92a9ab4556f208a994d0755d62755044050b351960a73b6eeec619fc0f32b1