Analysis
-
max time kernel
94s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system -
submitted
12/10/2024, 07:03
Behavioral task
behavioral1
Sample
38ee793354a3bbfa37c8a4866dfb9ba0_JaffaCakes118.pdf
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
38ee793354a3bbfa37c8a4866dfb9ba0_JaffaCakes118.pdf
Resource
win10v2004-20241007-en
General
-
Target
38ee793354a3bbfa37c8a4866dfb9ba0_JaffaCakes118.pdf
-
Size
75KB
-
MD5
38ee793354a3bbfa37c8a4866dfb9ba0
-
SHA1
c16ae3d8cccfd8f20450a22a42f83ffc828d6643
-
SHA256
504f8addd04b65066fdb0e39fc09068f562778c97e2e42cbd0fb26a55c7b5d78
-
SHA512
a49767ea837cf4f66ea41f0b693d9d9ca4c11c40fa30cb4c11c6020f622f8daf0b5a9993ad10c8e9cf09627070e5e7cd6c4dca4b600e872215591add0c61cfd3
-
SSDEEP
1536:2PoqR3Si1hO+gjjGzLkbXjlqiObx90D5fu+ISm+Xedq3q2ToTVXmzkTPhF:TqochO+CgLIXjQtbxXX9q3q2Ykkb
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2748, Process: AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 2748, Process: AcroRd32.exe
pid: 2748, Process: AcroRd32.exe
pid: 2748, Process: AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\38ee793354a3bbfa37c8a4866dfb9ba0_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2748
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
6df66817750f0fabf1e49b06671f4634
SHA1
6e63b57c0c5801ae75efcf10bf0596d6be38f1dc
SHA256
7739ae46ad47490623a5d8f98e744e78aa4823dfdf9afee0665f7564641ee6d9
SHA512
52026fe5f308cd3a8fb85994da69c99ae282016d02ef1c22bba9632bdc79d0908623c4168a9a177077ecb63e916922edf2777c6aaeeeca00a8ad7157672cf3bb