Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 09/10/2024, 02:18
Behavioral task: behavioral1
Sample: 29117b91daa708da6e03eee1747691b1_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 29117b91daa708da6e03eee1747691b1_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 29117b91daa708da6e03eee1747691b1_JaffaCakes118.pdf
Size: 85KB
MD5: 29117b91daa708da6e03eee1747691b1
SHA1: 39e8716420b6642ee2f8dfa4edc1bb4cf50ea3b9
SHA256: 81fee41447de3d2c534b1c521ad263622eedb07bf2f71f612c1767bd82683ddc
SHA512: cce416e64115c4fc559891b578de69580b813d4f3fd6f9be03d4c1f22bd397bdc4fb0fe854aeaba40728d5f1100771e1aa4279b0f9d01ee395b7b54fa5190595
SSDEEP: 1536:yEKRaS8ovR4FAR6G7QIZ4vFZ5X9AQs1bmWFaZuhFVC8TdI9KW4HEJO+bfUWrjPn2:dKBxRak6fC6FZ5NAQZWFK8hFW4Helj2v
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid: 2712  process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2712  process: AcroRd32.exe
  pid: 2712  process: AcroRd32.exe
  pid: 2712  process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\29117b91daa708da6e03eee1747691b1_JaffaCakes118.pdf"
  PID: 2712
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 54564cc658644eb7e0c0a96e729fbd6e
SHA1: e38baa71c281208726b0dc3fb9eb4a96e4bf450a
SHA256: e2a2c9761a678b421b48e8b73a1f846001133598300bfd5f193b9b99f17f26c9
SHA512: 59a99cfe9e217d0e30e9f93bb52fc8337d25ebaefe43b49b4f8678b12c9d5cfeddc38fc4d7c4782ba8ffad58f758620b736d9ac89afcd231f1d4f8f88ea5784c