Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
16-08-2024 22:02
General
-
Target
a01b31166a2af393f9c18a406f9c01b2_JaffaCakes118.pdf
-
Size
88KB
-
MD5
a01b31166a2af393f9c18a406f9c01b2
-
SHA1
453962b4bd31e781aac4cbe86b5339b98272dc94
-
SHA256
2905876e60373eb424798f0e1a4080eff906e395b2ebfab4182aee8902ab3151
-
SHA512
8d503e8f518efb4708a096aedaeea3fdcd2c9ace6f8977005ac87e2598373dc1612d7b95e1bfbf92761e2b4da40456b747971ec45bd041b9221b1d1271b66960
-
SSDEEP
1536:wCevGBkTNOMLYBBF7QRufWfcpxTczbee7pbYT/V6vK5rfM/q6b/xfLWv+Dg3cvWm:9ev45IufWf2geq+TtrfM/qeU+ecC7TC
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a01b31166a2af393f9c18a406f9c01b2_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5d8a596065391bf7c222c57888d6e5b03
SHA18fc0ade019c5cf4570c99d9c660ba577ef9bf5c0
SHA256a11270582f3093a38af9edb03f31cfa17c71f3a97c101220a4355f59cf0bae3c
SHA5128e6c248475c5e119182a20c6e66614020f04b262a1521269d7353dc31072b016e4696a2893887b3816703b3eb7d7d5476c7cfcaaffc1ce2ebd168d30094108bb