Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 08-12-2024 15:22
Behavioral task: behavioral1
Sample: d7ba3fde14800868e10ddd0c101019c5_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d7ba3fde14800868e10ddd0c101019c5_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: d7ba3fde14800868e10ddd0c101019c5_JaffaCakes118.pdf
Size: 81KB
MD5: d7ba3fde14800868e10ddd0c101019c5
SHA1: b6671aa3fefe9053d44590f92e444b53344d2250
SHA256: 2239d4daf943375c572054448f53752e3ae9bff3a6a9291bbbbd108a07fd268a
SHA512: 1f1660bc5a634d8b3dbb115fe0c876f9739b97061491ae86acc5a1e10f2110f652219af434359b510e93b85502ace74e4d6d149223ab36c58cdf6ad05a0f1e8e
SSDEEP: 1536:oQareTTII4qrKs/t0etAAj7MFFHiLRyMs38Ahd0r9CXZbGw:dTIr63SemiMFFgRyMsMAX0r9C/
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2356, process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2356, process: AcroRd32.exe
pid: 2356, process: AcroRd32.exe
pid: 2356, process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d7ba3fde14800868e10ddd0c101019c5_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2356
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 9fc8cfb7c52c1fd79f0e297c23b0e177
SHA1: 78b573c02ba35e0f9c578a3c66991c21f95f4edc
SHA256: e096ba30b96ea6acac5078314e2a5092e0824f113b14f938da28f7241278b0d9
SHA512: 0cabfcdaec1e0142a2e545ff914547adb4e13c4e4536c02e8008a50b6a260f34e219d3d73b7029a43f05a9bae2de268c371d120e9c2ba2ff04d94e24a694f8f3