Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
11-08-2024 22:04
General
-
Target
8c26ecb31dc9b780e3cc6ced5af24fd4_JaffaCakes118.pdf
-
Size
84KB
-
MD5
8c26ecb31dc9b780e3cc6ced5af24fd4
-
SHA1
94cd4eb5b9d541bd43b795216a537941192569ae
-
SHA256
68abba5349e4b4fde51a0d9e44bb986014c6ee9dbe225494ac6f8c6468b087c6
-
SHA512
1f9a917020eb4cf1cea7bce75ca2744dcb8b4197a7dc47f32a435bada0ccb31af3f430a10c261b55a9f35f68876b59b1f9a69abfe27664c6d55ab1dec1b47d68
-
SSDEEP
1536:o3K0LluUzS1dG7M5diYp+X3A1Vcel+zqNOb497QJWApO6eWZ4zt9nTkprx1:r0LluUzSXO60YpG3McelPNM4cw6SnS
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8c26ecb31dc9b780e3cc6ced5af24fd4_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5dbf5c967194dab17d0195f18960142b2
SHA14e08ede603ba42cb7c02fd8559fd2ea5e074732d
SHA256ed14ee1031036861b8a122013c8916ac5d4a8d2592dd560cad050e1da983ff5c
SHA5125160bfd91ec11c98fe1d7f877bf36eed74f580469ff405fd3bbd4825b0c7729a3be55f126382e4c8736c4d924848dc7b1191af1036240dba2df1ce2542d911ac