Analysis
max time kernel: 120s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted: 24-11-2024 02:05
Behavioral task: behavioral1
Sample: 91f520c807f758b0373a4a4e1d9f5841_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 91f520c807f758b0373a4a4e1d9f5841_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 91f520c807f758b0373a4a4e1d9f5841_JaffaCakes118.pdf
Size: 79KB
MD5: 91f520c807f758b0373a4a4e1d9f5841
SHA1: 3b78e6468bf0ecc54b7f939d43098e90882cd1be
SHA256: 05d4d9b8b0d37de74f2a4271c3c7c0b86f05f7727c97feda38762f893ae04a4a
SHA512: 48a2656266c9b5f5bb749b86bd7408aae7d799c3767e423708bdd5e75661015892997c3e94f42e85373ed311c86c90b02b2468d7cfd8f4fa16d28a4a2698bc99
SSDEEP: 1536:x2N9O2zNAo6jMwXtdb/RFnBkOB+OZ6+E+5Ih9j1seWApO6eWn1aApA:spUwCpRBjB+OZxE+5c9Bsl6za/
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  IoC: key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language, process AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  IoC: PID 2384, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  IoC: PID 2384, process AcroRd32.exe (3 occurrences)
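Detection logic for the System Language Discovery signature above, as an added example (not part of this sandbox report or its vendor's tooling). It assumes registry-access telemetry flattened to one JSON object per line with pid, parent_pid, image, op and key fields; that layout, the EXPECTED_LOCALE_READERS list and the three event records inside the script are constructed for the example, with the first record mirroring the IoC reported here. The report's IoC comes from the reader process itself, and a document viewer resolving the system locale is ordinary behaviour, so the script keeps such hits but rates them low fidelity and escalates only when a process spawned by the viewer performs the same lookup.

```python
"""Flag reads of the Windows locale key (System Location Discovery:
System Language Discovery, ATT&CK T1614.001) in registry-access telemetry.

Added example, not part of the sandbox report. Input format is assumed:
one JSON object per line with pid, parent_pid, image, op, key (and optionally
value). The records in SAMPLE_EVENTS are constructed for this example; the
first one mirrors the IoC in the report above.
"""
import json
import re

TECHNIQUE = "T1614.001"  # System Location Discovery: System Language Discovery

# The NLS\Language key under any control set, in the kernel (\REGISTRY\MACHINE)
# or Win32 (HKLM / HKEY_LOCAL_MACHINE) spelling, with optional subkey suffix.
NLS_LANGUAGE_KEY = re.compile(
    r"^(?:\\REGISTRY\\MACHINE|HKLM|HKEY_LOCAL_MACHINE)"
    r"\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})"
    r"\\Control\\NLS\\Language(?:\\.*)?$",
    re.IGNORECASE,
)

# Processes for which resolving the system locale is ordinary behaviour.
# Hits from these are kept but rated low fidelity. Assumed starting list.
EXPECTED_LOCALE_READERS = {"acrord32.exe", "acrobat.exe", "winword.exe", "excel.exe"}

# Constructed telemetry (not captured data). Record 1 is the report's IoC;
# record 3 is the pattern worth escalating: a shell spawned by the reader
# performing the same lookup.
SAMPLE_EVENTS = r"""
{"pid": 2384, "parent_pid": 1204, "image": "C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe", "op": "RegOpenKey", "key": "\\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language"}
{"pid": 2384, "parent_pid": 1204, "image": "C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe", "op": "RegOpenKey", "key": "\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion"}
{"pid": 3120, "parent_pid": 2384, "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "op": "RegQueryValue", "key": "HKLM\\SYSTEM\\CurrentControlSet\\Control\\NLS\\Language", "value": "InstallLanguage"}
"""


def parse_events(text):
    """One JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def image_name(path):
    """Lower-cased file name of an image path, tolerant of either slash."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def find_language_discovery(events):
    """Every access to the NLS\\Language key, tagged with T1614.001."""
    hits = []
    for ev in events:
        key = ev.get("key", "")
        if not NLS_LANGUAGE_KEY.match(key):
            continue
        name = image_name(ev.get("image", ""))
        hits.append({
            "pid": ev.get("pid"),
            "process": name,
            "op": ev.get("op"),
            "key": key,
            "technique": TECHNIQUE,
            # A viewer reading its own locale is expected; anything else needs a look.
            "fidelity": "low" if name in EXPECTED_LOCALE_READERS else "review",
        })
    return hits


def triage(events):
    """Escalate locale lookups made by a process the document viewer spawned."""
    image_by_pid = {ev["pid"]: image_name(ev.get("image", "")) for ev in events if "pid" in ev}
    parent_by_pid = {ev["pid"]: ev.get("parent_pid") for ev in events if "pid" in ev}
    results = []
    for hit in find_language_discovery(events):
        ppid = parent_by_pid.get(hit["pid"])
        parent_name = image_by_pid.get(ppid)
        if hit["fidelity"] != "low" and parent_name in EXPECTED_LOCALE_READERS:
            hit["fidelity"] = "high"
            hit["note"] = f"locale lookup by child of document viewer {parent_name} (pid {ppid})"
        results.append(hit)
    return results


if __name__ == "__main__":
    for hit in triage(parse_events(SAMPLE_EVENTS)):
        print(json.dumps(hit))
```

Run stand-alone, the script prints two hits: the reader's own lookup rated low, and the PowerShell child's lookup rated high because its parent is the reader. The parent/child correlation is what turns a weak per-event signature into something worth an analyst's time.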
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91f520c807f758b0373a4a4e1d9f5841_JaffaCakes118.pdf"
PID: 2384
Signatures: System Location Discovery: System Language Discovery; Suspicious behavior: GetForegroundWindowSpam; Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: aa3e04db14d9180e05f0ce80303616cc
SHA1: f7cd2a178d8faf471f6f6f04d80d638c766b0ee8
SHA256: fbec9e89372bf8ba9faa552540088bd8ce8f4ebee1589247d20157ec1f70b096
SHA512: c6aa93bae6ec20a9ba2fd451743f496842ed95f39eb123b3ddfa42762dd7e6d35db60b963fd55881539e1edc97789fe0c6dece0edc00e51d3ed096fb489b6df6