Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240729-en
resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
submitted: 12/08/2024, 12:50
Behavioral task: behavioral1
Sample: 8ecd6f094bdd6faf2e5f9add25d15938_JaffaCakes118.pdf
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 8ecd6f094bdd6faf2e5f9add25d15938_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: 8ecd6f094bdd6faf2e5f9add25d15938_JaffaCakes118.pdf
Size: 34KB
MD5: 8ecd6f094bdd6faf2e5f9add25d15938
SHA1: c448c25842428a40d67fac30d6c58df8db76a9d1
SHA256: 5c8d808659e303b572db4813d5d649f6c8cc16497c49eed8241d5c09cb1cf2d2
SHA512: 4f24494c8e06e6ecd49aac6b79c1035a77e9038b80a45e16fa15bbad84a5f83bc7b4e05de023332b66ef616317b53a4e125ed9df70c5bc9ec415a3567174dbee
SSDEEP: 768:MVyPQha52bA3kxaz2v5wyhyzHp5a1RCl3ClQ:KyYh/xi2/yz03u
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 1384; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid: 1384; Process: AcroRd32.exe (4 occurrences)
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8ecd6f094bdd6faf2e5f9add25d15938_JaffaCakes118.pdf"
Signatures: System Location Discovery: System Language Discovery; Suspicious behavior: GetForegroundWindowSpam; Suspicious use of SetWindowsHookEx
PID: 1384
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: cbbd152257e1e3d3d3d590b578fededb
SHA1: 8c8d7cc3852364da02b264ce03c704e35566aee9
SHA256: 431845073fdab4b399721067c5dea41dbf81cd7df01de84bdad7d3bc6063cc52
SHA512: 9188020c7831c39329630bb2630ae8aa7d589fda05e0cfcb1733bbd065c1135b5b22bad51deef8711a962085737a70851711d8b6dab12cd90cf9f9e6304e250d