Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
12/10/2024, 05:51
Behavioral task
behavioral1
Sample
38b2d5fcf9ec29275b1d6323989c868c_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
38b2d5fcf9ec29275b1d6323989c868c_JaffaCakes118.pdf
Resource
win10v2004-20241007-en
General
-
Target
38b2d5fcf9ec29275b1d6323989c868c_JaffaCakes118.pdf
-
Size
73KB
-
MD5
38b2d5fcf9ec29275b1d6323989c868c
-
SHA1
cd90f10abb90a6d052bc280d02290c588050271f
-
SHA256
ff1b37aafd5e6f3612686be74b8aa1b5a95f42f7d36adf14842b210498e6c4b1
-
SHA512
333fe4713a52dcdeb7fc2fce78fd54c2602e3811468c8fc9ea44afec6a446ecf55d8a3290ee8aa84873531cffbd7ca1ce62d469f27862be7c0680cc4a32e90f7
-
SSDEEP
1536:tzB5ahrkmj/iKNWrEcewt2wRcXg4yy0IuIQ9BfNlxOTcjYAcWinN0tTOWkNpOPSP:VOrkIib4Qt2wRcXJyFZjYBn6tTzPY
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID: 2512
Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 2512
Process: AcroRd32.exe (all three hits come from this one process)
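The System Language Discovery signature above rests on a single registry open of the NLS\Language key. The following is an added example, not code from the sandbox that produced this report: a small Python detector that applies the same check to constructed sandbox-style registry event lines and maps hits to the ATT&CK sub-technique. The line format ("pid image operation target"), the sample events, and the svchost.exe allowlist are assumptions made for the example.

```python
"""
Added example: flag registry reads of the NLS\Language key, the behaviour
this report labels "System Location Discovery: System Language Discovery"
for AcroRd32.exe. The event-line format and sample data are constructed.
"""
import re
from dataclasses import dataclass

# Paths under which Windows stores the installed/default UI language.
# Accepts the kernel-style \REGISTRY\MACHINE\... form used in sandbox
# reports as well as the HKLM\ forms seen in Sysmon/EDR telemetry.
NLS_LANGUAGE_RE = re.compile(
    r"(?:\\REGISTRY\\MACHINE|HKLM|HKEY_LOCAL_MACHINE)\\SYSTEM\\"
    r"(?:CurrentControlSet|ControlSet\d{3})\\Control\\Nls\\Language\b",
    re.IGNORECASE,
)

# Assumed event line layout: "<pid> <image> <operation> <target path>"
LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<image>\S+)\s+(?P<op>\S+)\s+(?P<target>.+)$")

# MITRE ATT&CK mapping for this behaviour (T1614.001 is the sub-technique
# of T1614 System Location Discovery).
TECHNIQUE = "T1614.001 System Location Discovery: System Language Discovery"


@dataclass(frozen=True)
class Finding:
    pid: int
    process: str
    key: str
    technique: str = TECHNIQUE


# Constructed sample events. Line 1 reproduces the IoC from this report;
# the others are made up to exercise the non-matching and allowlisted paths.
SAMPLE_EVENTS = """\
2512 AcroRd32.exe RegOpenKey \\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language
2512 AcroRd32.exe RegOpenKey \\REGISTRY\\MACHINE\\SOFTWARE\\Adobe\\Acrobat Reader\\9.0
1044 svchost.exe RegOpenKey HKLM\\SYSTEM\\CurrentControlSet\\Control\\Nls\\Language
2512 AcroRd32.exe RegQueryValue \\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language\\Default
"""


def find_language_discovery(events: str, allowlist=frozenset({"svchost.exe"})):
    """Return one Finding per registry event that touches the NLS\\Language key.

    `allowlist` (an assumption for the example) names images whose reads of
    this key are expected and should not be reported.
    """
    findings = []
    for raw in events.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip blank or malformed lines rather than failing
        if not m["op"].startswith("Reg"):
            continue  # only registry operations are relevant here
        if not NLS_LANGUAGE_RE.search(m["target"]):
            continue
        if m["image"].lower() in allowlist:
            continue
        findings.append(Finding(int(m["pid"]), m["image"], m["target"]))
    return findings


if __name__ == "__main__":
    for f in find_language_discovery(SAMPLE_EVENTS):
        print(f"{f.pid} {f.process}: {f.key} -> {f.technique}")
```

On its own this key read is a weak signal: localized applications, Adobe Reader included, consult the system language for their own UI, so a hit from the viewer process that opened the document needs corroboration before it is treated as a locale check by malicious code. In this report the Processes section lists only AcroRd32.exe itself, so the detector's output should be read as context for the other two signatures rather than as a verdict.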
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\38b2d5fcf9ec29275b1d6323989c868c_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2512
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
a777c35d1a10540063ae2e9189584968
SHA1
510a61f354b4eeae6f8eb37a43c46afbda4d2974
SHA256
8e6a99697daf2f9cc5539969d97c664a592d0a73fb3e75874805b8f91992fd5b
SHA512
d0ad9ad65ae8d527a97eef8eb498399afb228997c396533b78cb3f975bd8f0aeb3ac36eca9f2b7cfac63d8186f3e573831e2d263892cb1bad7176cab26e73e7c