Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
13/10/2024, 19:31
General
-
Target
41ac106b612d210893640a590768d87a_JaffaCakes118.pdf
-
Size
86KB
-
MD5
41ac106b612d210893640a590768d87a
-
SHA1
e83fec38e48c22dac467378c796781c6d535a77e
-
SHA256
0a5fd7883b32dbdb637e95c0e44e836683df495bb9813a508712b9f2f207ce9b
-
SHA512
3c12a2dfb17dfb44290fa19a9491856469481ea31f2f5f25db34c05389cbfa20c3c409c02adf3ff2dc373623a27a6326d34ff9f5eb65fcfa9cfe227337560cd9
-
SSDEEP
1536:QdZ8TthIzqE+3AReLQfwdL5bvXmTS7DOuqblfVLIKBcPSJWUmHyDpzjfH2W6pOut:3TthIWpKeRL5Pmu76uel9EEJmSDx/zut
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\41ac106b612d210893640a590768d87a_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5d81dc0f9409f9be0386507e302892de5
SHA1c7b3542acbb17981bd336d1d14abe3b652861a35
SHA256727a3f05a9fe1dcb9d2803fd50ef03c4f07e10347607d2d67f648b2ae2a88586
SHA512c357a3b479f8a9eb0f1c7c3dd21a197e47bfbf79929a1f1f9d07aa387f145a3347610271c9112ddcc79ac407cb6891d355d2a8360eb91b7752117ae047323d19