Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
09/10/2024, 07:24
General
-
Target
2d28eb78c11002d2ee70258b1040c4e0_JaffaCakes118.pdf
-
Size
87KB
-
MD5
2d28eb78c11002d2ee70258b1040c4e0
-
SHA1
f2b945ae1f239a1766b1658ae6be88b9792898fb
-
SHA256
c1025a91bd053b49a8f59c4d201e4bd7cb4657bbfb785c95c1f55e28f38d1f59
-
SHA512
3678b1898f5ec1c134969c20d7c90a65662003c05699d97af2b90328944b250776bf7ac0208fcf4187aa93a6ba43cadfca0a17bdacc50eabe094af47af5d8216
-
SSDEEP
1536:bXEk+36LU3Kl94brhe0Dak2r58C89B59PcOZMWWBbu0JjyFX87WBQdRe18mWapOq:4JSU6l9mrfah8C89v90wpIAFX82Q/08K
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2d28eb78c11002d2ee70258b1040c4e0_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53480034b4f851d18496b5276e8bf61ad
SHA1c4462e8045e2ed2272a8933355756a57b669aef9
SHA2560f2b1b2b9c95c696103992ca4559adf3306dafc92d91bbbd15efc85ef048b3e2
SHA512acbcf573920315d251a131a9dbde96f85669beb882f200fb0da8c9ed802f7eda36bca08a4a5647444d75b1e31aa8019d5e640b76e5a9c77cfd11d72e5bdb1b27