Analysis
max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted
12-10-2024 12:17
Behavioral task
behavioral1
Sample
39f8554ff62d67ef4c116e08f5404b5f_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
39f8554ff62d67ef4c116e08f5404b5f_JaffaCakes118.pdf
Resource
win10v2004-20241007-en
General
Target
39f8554ff62d67ef4c116e08f5404b5f_JaffaCakes118.pdf
Size
101KB
MD5
39f8554ff62d67ef4c116e08f5404b5f
SHA1
cfe42c305f015c49761f9ed08809dc414983927f
SHA256
e766f5c5d0088767f092b383331f6a4df6a19c400b06bce5bc06f87521901da7
SHA512
5fc069f309d6c794024f4e710b5e41095e6d96a268e56c0a143833e960573e5419e04ee515d911a7cfa5cb72e9de1f42a325dafc47d8b0b35afeee98fe92cfde
SSDEEP
3072:QQohD445vFM3tfoib0mAhSUqkQpXPKhZgkK6W:X0ftStfZ3A4fohZ8P
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description | IOC | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID | Process
2720 | AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
PID | Process
2720 | AcroRd32.exe
2720 | AcroRd32.exe
2720 | AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\39f8554ff62d67ef4c116e08f5404b5f_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2720
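Added triage helper, not code from the sandbox report or its vendor: every signature above fires on the reader process itself, the report lists no child process and the Network section is empty, so the question for an analyst is whether anything remains once behaviors a clean Adobe Reader launch also produces are set aside. The script parses the flattened signature rows exactly as they appear in this report (constructed copies are embedded inline) and compares them with an assumed Reader baseline; the baseline, the expected process name and the extra test rows are assumptions of this example, not facts the report states, and should be confirmed against a known-good detonation.

```python
"""Added triage helper; not code from the sandbox report or its vendor.

Parses the flattened signature / process rows of a report like the one above
and separates the hits from an ASSUMED baseline of behaviors a clean Adobe
Reader launch also produces, so the analyst sees what is left to explain.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Constructed copies of the three signature rows as they appear in this report.
REPORT_SIGNATURES: Dict[str, str] = {
    "System Location Discovery: System Language Discovery":
        "description ioc Process Key opened "
        "\\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language AcroRd32.exe",
    "Suspicious behavior: GetForegroundWindowSpam":
        "pid Process 2720 AcroRd32.exe",
    "Suspicious use of SetWindowsHookEx":
        "pid Process 2720 AcroRd32.exe 2720 AcroRd32.exe 2720 AcroRd32.exe",
}
REPORT_PROCESSES: List[str] = ["AcroRd32.exe"]  # the only process the report lists
REPORT_NETWORK: List[str] = []                  # the Network section is empty

# ASSUMED baseline (not stated by the report): signatures a benign Reader 9
# start-up triggers in this sandbox.  An empty key suffix means "any IOC".
READER_BASELINE = {
    ("System Location Discovery: System Language Discovery", "\\NLS\\Language"),
    ("Suspicious behavior: GetForegroundWindowSpam", ""),
    ("Suspicious use of SetWindowsHookEx", ""),
}

PID_PROC = re.compile(r"(\d+) (\S+\.exe)")
KEY_PROC = re.compile(r"Key opened (\S+) (\S+\.exe)")


@dataclass(frozen=True)
class Hit:
    signature: str
    process: str
    pid: Optional[int]
    ioc: str  # registry key, or "" when the row carries only pid/process


def parse_hits(signatures: Dict[str, str]) -> Set[Hit]:
    """Turn 'pid Process ...' / 'Key opened ...' rows into Hit records.

    Identical repeated rows (the three SetWindowsHookEx IoCs here all name
    pid 2720) collapse into one Hit, which is what an analyst wants to see.
    """
    hits: Set[Hit] = set()
    for name, row in signatures.items():
        m = KEY_PROC.search(row)
        if m:
            hits.add(Hit(name, m.group(2), None, m.group(1)))
            continue
        for pid, proc in PID_PROC.findall(row):
            hits.add(Hit(name, proc, int(pid), ""))
    return hits


def in_baseline(hit: Hit) -> bool:
    """True when the hit is one the assumed Reader baseline already explains."""
    return any(
        hit.signature == sig and (not suffix or hit.ioc.endswith(suffix))
        for sig, suffix in READER_BASELINE
    )


def triage(signatures, processes, network, expected_process="AcroRd32.exe"):
    """Report what the run shows beyond the assumed Reader baseline."""
    hits = parse_hits(signatures)
    unexplained = sorted(
        (h for h in hits if not in_baseline(h)),
        key=lambda h: (h.signature, h.process),
    )
    extra_procs = [p for p in processes if p.lower() != expected_process.lower()]
    if not unexplained and not extra_procs and not network:
        verdict = "inconclusive: nothing beyond Reader baseline"
    else:
        verdict = "review: behavior beyond Reader baseline"
    return {
        "hits": len(hits),
        "unexplained": [h.signature for h in unexplained],
        "extra_processes": extra_procs,
        "network": list(network),
        "verdict": verdict,
    }


if __name__ == "__main__":
    print(triage(REPORT_SIGNATURES, REPORT_PROCESSES, REPORT_NETWORK))
```

For this report the result is "inconclusive", not "benign": a PDF that needs a different reader version, user interaction or a longer timeout to detonate produces exactly the same three signatures, so the outcome is a reason to re-run or inspect the file statically, not a clean bill of health. Any child process, network destination or signature outside the baseline flips the verdict to "review".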
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize
3KB
MD5
a594bcde768cb08a3c99f159f7c60e6d
SHA1
20eb43d417d3465e383eae17f9510affec07c9a8
SHA256
71bc5ff868323ad8bf46ec4d7ab9e3c9305d95210f222f7e933326a75ecde3d3
SHA512
1b7b8d6cbf225e4f55d2a97913194e8e375ba89a0b852508a06b8ba67f86d84f8d66af9d073f461ca15cf0b813e94562b510c23e791dca756239ef7ca84daf55