Analysis
- max time kernel: 94s
- max time network: 17s
- platform: windows7_x64
- resource: win7-20240729-en
- resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
- submitted: 08-10-2024 23:09
Behavioral task: behavioral1
- Sample: 26dc08d781112c2fe9880d4d667433b8_JaffaCakes118.pdf
- Resource: win7-20240729-en
Behavioral task: behavioral2
- Sample: 26dc08d781112c2fe9880d4d667433b8_JaffaCakes118.pdf
- Resource: win10v2004-20241007-en
General
- Target: 26dc08d781112c2fe9880d4d667433b8_JaffaCakes118.pdf
- Size: 72KB
- MD5: 26dc08d781112c2fe9880d4d667433b8
- SHA1: b57eb1305e231fe2ecacdc7d9cc90a955387178d
- SHA256: 0bed872629ad5ad42a36d54ccc7b1fa8fd6fdcf2ebee37fa9d30ec4c28225113
- SHA512: 23b612740b7c6d393c583bb35a51de346acf32579aac75b7d052b5512c5db22ebfb28492b651b218e47aaae2cc26c125b4a25b234fc48767860a396f194a1a08
- SSDEEP: 1536:5k7ZFZ8mss4dF7xFuIqTvo65BpBILO4EEDGHEx7VHyj6:G7ZP8mssE7mIt67/ILOBEDgExxHd
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2236; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2236; Process: AcroRd32.exe
  pid: 2236; Process: AcroRd32.exe
  pid: 2236; Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26dc08d781112c2fe9880d4d667433b8_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2236
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: c8bfa4a6daa2e79d198f0e53c541c087
  SHA1: addae97200959cf0785cf22aac149ca74b899f5c
  SHA256: 325b67b634e5ed3cf6e9697c6e39b9beae08ed84441070719c4737bacb7f3364
  SHA512: 68d195d317675b7c38ffe4a5d1ea647fded0b6ea6fa052a6987b71d9dd665d46de69c7c80cd53b8d2092255df62bd9fee923f36fcf81b6e67e0ded9c3cb6b418