Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 24/07/2024, 06:35
Behavioral task: behavioral1
Sample: 6a975c817a0911d10f9c81447dd5c40b_JaffaCakes118.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 6a975c817a0911d10f9c81447dd5c40b_JaffaCakes118.pdf
Resource: win10v2004-20240704-en
General
Target: 6a975c817a0911d10f9c81447dd5c40b_JaffaCakes118.pdf
Size: 85KB
MD5: 6a975c817a0911d10f9c81447dd5c40b
SHA1: 12a915dd0081d753972f99ed513cae39f819bedc
SHA256: 2008acb6b32afbc07c4a234a2d6ad487a44df555626e3da05d9893041545f92b
SHA512: 4fb1af8c6f4ed59ce7ba00c0bb487d625c10c5d734b5f7ee0e4fcc753f30e19967e9c31e48cd14b42adce250a4123ce379064480cab9abd4c251b5aa3307be93
SSDEEP: 1536:LcPsfhI/v8TDKI+0tZ53a2Eiy5glG4YWGpOKdSIw+W+zl/fE+Jb/gKj:Vh4cfTtZ53a2Eh5glG4tKcIwwzl/TJbL
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2524; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2524; Process: AcroRd32.exe
pid: 2524; Process: AcroRd32.exe
pid: 2524; Process: AcroRd32.exe
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6a975c817a0911d10f9c81447dd5c40b_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2524
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 37b24ff5078fc73b186bc233b6e6a31f
SHA1: 516cc1aabbf1944fe9023fd79b1f923942b10af6
SHA256: 5f9532cf78938255e2e1884923c8e850092709e89271d254f9d256c9306ea0ab
SHA512: b4730fff6bf2e284568f82fd533d0346bd11975b695eab25a71e6e8ca7746e7840ea4297f1e8159aa50b1d1a053efea45eb23266757a77631520b2f963a91c41