Analysis
max time kernel: 121s
max time network: 123s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 09/10/2024, 06:40
Behavioral task: behavioral1
Sample: 2c9c4e49940ef7b5fc4b7c274dd8520c_JaffaCakes118.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2c9c4e49940ef7b5fc4b7c274dd8520c_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 2c9c4e49940ef7b5fc4b7c274dd8520c_JaffaCakes118.pdf
Size: 73KB
MD5: 2c9c4e49940ef7b5fc4b7c274dd8520c
SHA1: 933e5d0a85de5f0868c7daaef13f8efaefb37aee
SHA256: 43567d60f49444b87e1174f49d71f1b574d59add8595bcaccac461f78cb42107
SHA512: b1bd567ed9ceb632803d559af0a04680cd3a5e462fce93882325e011a2fa906b12f888cc86c32fef3882e340bbbdb49414ebe2bc23b6ec9b7a7bfd77da0c9a98
SSDEEP: 1536:IpQl0UoBPRThN8epUjh/zE6Z5Vn5kw88dbIk7WypOlWWxttPAA3sYtyAdrG:m1hBpUjSSf5k5yIXlDttPptl0
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2432 | process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2432 | process: AcroRd32.exe
pid: 2432 | process: AcroRd32.exe
pid: 2432 | process: AcroRd32.exe
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2c9c4e49940ef7b5fc4b7c274dd8520c_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2432
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 3c21478ed2711abc6bfd1e63f9a96475
SHA1: e854863d6fc61d091bf897dc6f43a5d5216cb761
SHA256: 52469be5876d85cbb6fd1ad68e5e0d3bb55a61ca3a0e4d0925812dd6bda15bda
SHA512: 393b97992c95cc16d44bc2d5bf5d62ef8e342411b557923f5712862dace929a4f25bbf5d6cfda0cfcd54e2b039dc83e32b47155a7b875acc4d93bda39a5aca7e