Analysis
- max time kernel: 121s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240705-en
- resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
- submitted: 27/07/2024, 08:37
Behavioral task: behavioral1
- Sample: 778fe13ca67032d2544b5caddc228c53_JaffaCakes118.pdf
- Resource: win7-20240705-en
Behavioral task: behavioral2
- Sample: 778fe13ca67032d2544b5caddc228c53_JaffaCakes118.pdf
- Resource: win10v2004-20240709-en
General
- Target: 778fe13ca67032d2544b5caddc228c53_JaffaCakes118.pdf
- Size: 85KB
- MD5: 778fe13ca67032d2544b5caddc228c53
- SHA1: 0a89d9a7fb78973ffd794fb4fb17822b33633a5c
- SHA256: ee1a6f63ca0a4b2c6a74ce7e51aa24d90008eb09b31e72b645b0d8f8b7733b4d
- SHA512: a49280fb4cb080ed2fb2ccc94a971380cbf7be3823353ed1fbe6f6f10700494e8dca40767755c4dae2920651041e7cde2b29ee81807ed760ac63c66db3540cd6
- SSDEEP: 1536:cy3sXXjoV7vBKuH9ZfN5JEIpTIQsV7jp1In9L7DgWxV5QpulgAo/W8pO+q0mJGH:uXTkD4udZfN5JxT4j4DjQ8gAo2+q0mU
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2264; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2264; Process: AcroRd32.exe
  pid: 2264; Process: AcroRd32.exe
  pid: 2264; Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\778fe13ca67032d2544b5caddc228c53_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2264
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
- MD5: d83937f603e5928333e419c3a75e2900
- SHA1: 465e74fae19acc450df828dd1a9348e2cf1cca8d
- SHA256: a90ad09610345fa73bd3cb6664a4c13500a530dcdb9707d46f19fa435a625ac2
- SHA512: 54ec619e9a709063d038fb8c0a1a128faa4c70c2f22326fd5a5c31c317f6c85acf7ac641b208290928395f9d9e0dd928628749f9c04df2174ff0b97ada96cc86