Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
24-11-2024 01:27
General
-
Target
91c9e3c79b1452e87824c01d76d389f5_JaffaCakes118.pdf
-
Size
74KB
-
MD5
91c9e3c79b1452e87824c01d76d389f5
-
SHA1
bc0207cba660159e2eb77bbb03fbfd7ece40aee2
-
SHA256
97d6fc949a6cfdecadaf5bfb0c3e809abfd4a045ad70467c704c6ac38aad0f35
-
SHA512
2be64f3ded7857fe1f294dda230f09abff7f362e21501bbb277bfcf6da6dad40ba4da0ff6aaa45fa0a19b04ffe769a7d2728341b253bbd8643ed4e11fd05cd86
-
SSDEEP
1536:CEg4KHpx00xqT9D6X6SFLEHoiKeh+HDVnJdrzgl7TjHX0Jrs:Tnr0UxD6X6c4HrKeh+jVnPkTjHE6
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91c9e3c79b1452e87824c01d76d389f5_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD51b0860854fa829acd077efc61289b114
SHA17bd663a1cde7963fc1f23bdee9add0dea8698605
SHA25689e1cdbc777e974e3b6b412bf36768816409bd71721d1febbe0ead21bf0954cd
SHA512b9c5ac575dfd181d98285f9769c1d5c48155829c0ba67ba961c4de3ff722f0c9fc3bc26f2a3f54d29ea05ae28c3f606719ed4204c8fa330edea1d53c55678f9b