Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
08-12-2024 14:51
General
-
Target
d79a7b5e57c49ccd200d3ad462632d16_JaffaCakes118.pdf
-
Size
68KB
-
MD5
d79a7b5e57c49ccd200d3ad462632d16
-
SHA1
c636df51af1a2fc66378bc548257eb42816e0897
-
SHA256
a64c9af83884aba63207552a4f23b96adb62a6cfcdbd309bc849d42fec9ce768
-
SHA512
413ad25def1d92f4a00d3e51c562d409b4d343c3ff661a8eebcc8e3cb0abb21d0779bece262f18e2ec65f34007cf98a874fe5a507a1e64d7dc7facb2b3a6aeb1
-
SSDEEP
1536:LvK0nmxjC4wO70Qz58FN+xjUTqYwQFWgeei:bWjXd7d8FExI3wYWgk
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d79a7b5e57c49ccd200d3ad462632d16_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5673a12b8c87b26a2306c8dc2e463874c
SHA193ab0bdaa3b2df101e749ff5a5e3b757a33943ce
SHA256d4d41e628874e57305fd6304404a9c1fc46632cc8cdb6772e88ec4be264b42d3
SHA51228517f5e10683f466f66f39e6bfe2436aca40b4ff5356a3366ef788b48a6bdbe907cbda7af6df234bf425bb72f32a289ec096221957b3d1bbc8983b78aa1048d