Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
12/08/2024, 11:50
General
-
Target
8ea0f00e6d5d4248c0f7a9c20a9b3695_JaffaCakes118.pdf
-
Size
59KB
-
MD5
8ea0f00e6d5d4248c0f7a9c20a9b3695
-
SHA1
6c60b67aba610ddabe59dbd097247d2d5fe9382f
-
SHA256
52f4a119dedd8bb73e4eb2b6fdb09208ac5a005d27043c3d26c514e6f94e3944
-
SHA512
93e32c4da650413c4946f4099220c849c446ea422b956789e45d54eecab30b2b48b90997cc32ad1de345516be7c02da25abd32e2a004bb64b22ac096e85d4d49
-
SSDEEP
1536:BswIeo98ykjIQMycv7+ERf/TvckaX4sGcttjx:Gr9Se+EJCIsGct3
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8ea0f00e6d5d4248c0f7a9c20a9b3695_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e2a0a5e9622c67147507be1fb844b978
SHA1365d68b8422ee0874a4b49bba099fd78c6dcc9dd
SHA2567aef93f4d99fbfb04e63577e057284d800e721f2bf87935e10fb30ffff0cb534
SHA512f446f40413b4fe0956b7da8ff0a3f7ae36dca663ba85cadc7f5fbe78d366beb23e5b549a9bac6bf4cde611477e6e55522f9618e8914b8c7b75e3fc1a05481885