Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
14-10-2024 19:25
General
-
Target
43cfab715b1c7281318ba80002b15a9a_JaffaCakes118.pdf
-
Size
105KB
-
MD5
43cfab715b1c7281318ba80002b15a9a
-
SHA1
2072a06ae65d68a1ffd61419e6ee09e3bbdd8f46
-
SHA256
10ebd60cfcae3c6231e1fe9093213124900f30861df6f26541d0c86a0f7dc832
-
SHA512
26ab946437363990da7651a512f5a2caca698c67429ac5be28a85ef34944fed50b93b93af98ab7f349d6a1293ee571ef75b69263af0bf93fa9678557971eee30
-
SSDEEP
1536:gt+VYONQWF+af/KBgomZoQXWGauEG6miXm6aUGUQaAy5GgZH4rohwUFJo8aeKAS:DbDomTWxu9Z6a/UQaAu49UFwe6
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\43cfab715b1c7281318ba80002b15a9a_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b608ee4850717afa58487b46f4c7089a
SHA191d7bcb762c0d726b144650f5ff499cf194521cb
SHA256a078535fa6f7d3bc75e913f411f02462489c0c9275143e6a20d289f3beeaefad
SHA5127640432d85d62702cd4365c40f56578dee3323dcb4f8d3f01bb9309892808d1790a0fc8736cc0a6e674778a600edceff119c3c197b02d6efb74d9eee65272e8a