Analysis
max time kernel: 118s
max time network: 121s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 30-11-2024 05:05
Behavioral task: behavioral1
Sample: b4e9c24a2d1f50289d7c57c94f7da559_JaffaCakes118.pdf
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: b4e9c24a2d1f50289d7c57c94f7da559_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: b4e9c24a2d1f50289d7c57c94f7da559_JaffaCakes118.pdf
Size: 90KB
MD5: b4e9c24a2d1f50289d7c57c94f7da559
SHA1: 7e089364d3154c24858546e3a0a0ff4629ed9431
SHA256: 8daedaeeca5e1ae38719c8511f80c68359e2439d8e7680fab6866a9656099bf2
SHA512: 9478ac5f97d33d8c78792874456b9ecd1785c880c44e42f8764b9339f1f820b8e97077844343aa7bf346df30fc905804e42e19db1728531eefccf77daea9babb
SSDEEP: 1536:TwBjbrqr+YJp+SW9xSLD+iEt4R+4xxvmz+CBkV/WuxKYZpIBzW6pOu28aJ5/32r:sBPuIn9MWXt4R+4xxez+CgKEIB4u275e
Malware Config
Signatures

System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID: 2352 | Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 2352 | Process: AcroRd32.exe
PID: 2352 | Process: AcroRd32.exe
PID: 2352 | Process: AcroRd32.exe
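The System Language Discovery signature above (MITRE ATT&CK T1614.001) fires on a single registry key open. As an added example, not part of this report or of the sandbox's own detection code, the Python below applies the same rule to constructed registry-access events: it normalises the HKLM and \REGISTRY\MACHINE prefixes that different log sources use, accepts any ControlSetNNN or CurrentControlSet, ignores sibling keys such as NLS\CodePage, and collapses repeated hits into per-process IoCs the way the report counts them. Only the key path, PID 2352 and AcroRd32.exe are taken from the report; every other event, process name and PID is made up for the demonstration. A PDF reader consulting NLS\Language at startup is ordinary locale initialisation, so on its own this signature is informational; it gains weight only when combined with the other behaviours listed here.

```python
"""Flag registry access to the NLS\\Language key (System Language Discovery)."""
import re
from dataclasses import dataclass

# Native key path reported by the sandbox, generalised: the ControlSet
# number differs between hosts and many log sources write CurrentControlSet.
NLS_LANGUAGE_KEY = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(?:ControlSet\d{3}|CurrentControlSet)"
    r"\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

# Sysmon and most EDR agents log hive shorthand rather than the NT native path.
_PREFIXES = {
    "HKLM\\": "\\REGISTRY\\MACHINE\\",
    "HKEY_LOCAL_MACHINE\\": "\\REGISTRY\\MACHINE\\",
}


@dataclass(frozen=True)
class RegistryEvent:
    pid: int
    process: str
    operation: str  # e.g. "Key opened", "Value read"; kept for display only
    key: str


def normalize_key(key: str) -> str:
    """Rewrite HKLM / HKEY_LOCAL_MACHINE shorthand to the \\REGISTRY\\MACHINE form."""
    upper = key.upper()
    for short, native in _PREFIXES.items():
        if upper.startswith(short):
            return native + key[len(short):]
    return key


def is_language_discovery(event: RegistryEvent) -> bool:
    """True when the event touches the NLS\\Language key itself (not a sibling)."""
    return NLS_LANGUAGE_KEY.match(normalize_key(event.key)) is not None


def matching_events(events):
    """All events that hit the rule, in input order."""
    return [e for e in events if is_language_discovery(e)]


def language_discovery_iocs(events):
    """De-duplicated (pid, process) pairs, the granularity the report counts IoCs at."""
    iocs = []
    for e in matching_events(events):
        if (e.pid, e.process) not in iocs:
            iocs.append((e.pid, e.process))
    return iocs


# Constructed sample events (not the sandbox's raw log). The first mirrors the
# reported IoC; the rest exercise prefix handling, sibling keys and duplicates.
SAMPLE_EVENTS = [
    RegistryEvent(2352, "AcroRd32.exe", "Key opened",
                  r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
    RegistryEvent(2352, "AcroRd32.exe", "Key opened",
                  r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0"),
    RegistryEvent(1204, "explorer.exe", "Key opened",  # hypothetical PID/process
                  r"HKLM\System\CurrentControlSet\Control\Nls\Language"),
    RegistryEvent(2352, "AcroRd32.exe", "Key opened",
                  r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\CodePage"),
    RegistryEvent(2352, "AcroRd32.exe", "Value read",
                  r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
]

if __name__ == "__main__":
    for pid, proc in language_discovery_iocs(SAMPLE_EVENTS):
        print(f"System Location Discovery: System Language Discovery | PID {pid} | {proc}")
```

Run stand-alone it prints one line per process that touched the key; in a pipeline, feed it the registry events for a single process tree and treat the result as a low-severity enrichment rather than an alert on its own.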
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b4e9c24a2d1f50289d7c57c94f7da559_JaffaCakes118.pdf"
PID: 2352
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 1c88268e1387e3167d8d764edf0728d5
SHA1: 8a509242112695e021f8ab3c052a233804a0d931
SHA256: ae3c5a71ca83c181d9b6e1fd9c8bed9d01b8a835a91be25e57b5d053ccdca4dd
SHA512: ed122b42a8183181e30fcf86aa8908fde19e93aa0ddb8c072cba14a7009aa2e61aac7136474f687ff69b123cc3b7cd3b01c92f5e6c138db32ad2be7312d95e26