Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
13/08/2024, 15:25
General
-
Target
93a8ca9b63d046a61079315612e77d46_JaffaCakes118.pdf
-
Size
85KB
-
MD5
93a8ca9b63d046a61079315612e77d46
-
SHA1
545896bbf8d9531bf5ddcb653b5caae703be37a5
-
SHA256
7b5e6f441740b6e9315ae0b0376acdbb9affa826bd6caf3c4eb4fcc928972fb4
-
SHA512
75f4ef27046faf92d6a2a64b79b0879a05c42f29fa20f232935c209c2ca7304198cd6a0cd5646b144289d4957aee0865188fd36bbe74b155698387224125680f
-
SSDEEP
1536:b6sJpTfcKCPvVLV/wzo8WOpOwrKWOksc5tMqdkd5:v3TUpvVLV/bZwrgkscPMuk
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\93a8ca9b63d046a61079315612e77d46_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD597e917f63b81439b9cc7545d8b3600cb
SHA192eebd1d6f0369f355bb99fb83c0d24e87a66261
SHA25613393b5ffa5fdd959f95f9c0f82ad0889f24e799df6673c0849608884b4e3221
SHA512a099f06b479cf878e6250f4354309a40e1831f0b057f0e889afaa4afbc60c708908f0afa4cb9d989bc2052dc3b5b016bef3e295a1ea7bcf4762767f061c18ddf