Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted: 08-12-2024 14:40
Behavioral task: behavioral1
Sample: d790c3cbd2d8bcc793e789dd07dc3e87_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d790c3cbd2d8bcc793e789dd07dc3e87_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: d790c3cbd2d8bcc793e789dd07dc3e87_JaffaCakes118.pdf
Size: 88KB
MD5: d790c3cbd2d8bcc793e789dd07dc3e87
SHA1: 9ac7dc51631a29b6a8c473b35a31c8be1548abf8
SHA256: d32b5f8c5e7de88ce8139e87e24ef657a53bdf7b53b402be0ce281a00efacdd6
SHA512: 36176aa4a5ecbe579a5cc76b6b0015188ece155b87c7c9a33cdcd441091ca2cf06d77bbb3f10934211f6d1c857d73a08335561ee9036e418cbe08d6dd40ef321
SSDEEP: 1536:O5aHO1F0mO4DgWgD8dD8QtnnKXnEkc6Ixh8NTIOULwlCmA95yOWkNpOPOHiy8WK4:nOz0mO4flrK3yt8JIOUslo5yzPOHiy5Z
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2380; process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2380; process: AcroRd32.exe
pid: 2380; process: AcroRd32.exe
pid: 2380; process: AcroRd32.exe
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d790c3cbd2d8bcc793e789dd07dc3e87_JaffaCakes118.pdf"
PID: 2380
Signatures:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: aaff1ebe3a0001af446ffa6be7e0c4c1
SHA1: 0488117f3dacc589e0ad106421a24b5a65d359e9
SHA256: 0875965328dc09dad216e108a0107d08bf23b04ed4940bcf9619135de2e86882
SHA512: ee60bd52fcbecb1e180249b801691cc51849a95d25e3ff459fb5f4854da4ea9ba69e8dfe9a24d31fe7458f3fd75de5991143ad05e00d18e7b5789621d826f6ae