Analysis
max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240708-en
resource tags
arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
submitted
17-08-2024 22:02
Behavioral task
behavioral1
Sample
a44ff1b7b74252c8e37e8810e687f2d6_JaffaCakes118.pdf
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a44ff1b7b74252c8e37e8810e687f2d6_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
Target
a44ff1b7b74252c8e37e8810e687f2d6_JaffaCakes118.pdf
Size
85KB
MD5
a44ff1b7b74252c8e37e8810e687f2d6
SHA1
26fed7b4becfd9b3a8dce593b50b81e6e9849f67
SHA256
4ff14974799dc371688ad33411a4999aae30e98ed165bd790b7d733d7cefb0c9
SHA512
870b2adcfd1ba36bd7e3b9d52e7feaeadaba6977871e712268c7d81695dbda3ac13b97ea8ca6612a8ce7c45d6507d6aab603b30a0655cc90455bf9f40b20e268
SSDEEP
1536:kgV6OIhwMDOx0amXhRREbagYqpNYQ/pFySdfg6taWv0Fv8f7Kn1LK8wTfeuzWmpF:PV6ENxrmh0mZYNYQVJtKpHLWTfeusSF
Malware Config
Signatures
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
PID 2644, Process AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
PID 2644, Process AcroRd32.exe (3 occurrences)
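The signature above records a single registry read, AcroRd32.exe opening ...\Control\NLS\Language, and maps it to ATT&CK System Language Discovery (T1614.001). The following is an added example, not code from the report or from the sandbox vendor, showing how that IoC is turned into detection logic over registry-access events. The event records are constructed to mirror the report's "Key opened" row for PID 2644; the extra NLS\Locale key, the HKLM alias handling and the ControlSetNNN folding are assumptions about how the same technique appears in other telemetry, not facts from this page.

```python
"""Added example (not part of the sandbox report): flag registry reads that
match ATT&CK T1614.001, System Location Discovery: System Language Discovery.

SAMPLE_EVENTS below are constructed to mirror the report's "Key opened" IoC
for AcroRd32.exe (PID 2644); they are not captured telemetry. The NLS\\Locale
key and the HKLM alias handling are assumptions, not taken from the report.
"""
import re
from typing import Iterable

# Normalized NLS keys a process reads to learn the OS language or locale.
# ...\NLS\Language is the key this report shows; ...\NLS\Locale is an assumed
# sibling of the same kind.
LANGUAGE_KEYS = {
    r"\REGISTRY\MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\NLS\LANGUAGE",
    r"\REGISTRY\MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\NLS\LOCALE",
}

# Event types that are reads; "Key opened" is the wording used in the report.
READ_EVENTS = {"Key opened", "Key queried", "Value queried"}

# Constructed sample events: one row copied from the report's IoC, the rest
# made up to exercise the alias handling and the read-only filter.
SAMPLE_EVENTS = [
    {"pid": 2644, "process": "AcroRd32.exe", "event": "Key opened",
     "key": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"},
    {"pid": 2644, "process": "AcroRd32.exe", "event": "Key opened",
     "key": r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0\AVGeneral"},
    {"pid": 1480, "process": "explorer.exe", "event": "Key opened",
     "key": r"HKLM\SYSTEM\CurrentControlSet\Control\NLS\Language"},
    {"pid": 3012, "process": "svchost.exe", "event": "Value set",
     "key": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Locale"},
]


def normalize_key(key: str) -> str:
    """Fold the spellings of one key into a single comparable form.

    Upper-cases the path, rewrites the HKLM / HKEY_LOCAL_MACHINE aliases to
    the kernel-style \\REGISTRY\\MACHINE prefix the report uses, and maps any
    ControlSetNNN to CurrentControlSet so the report's ControlSet001 path and
    a CurrentControlSet path compare equal.
    """
    k = key.upper()
    for alias in ("HKEY_LOCAL_MACHINE\\", "HKLM\\"):
        if k.startswith(alias):
            k = "\\REGISTRY\\MACHINE\\" + k[len(alias):]
            break
    return re.sub(r"\\CONTROLSET\d{3}\\", r"\\CURRENTCONTROLSET\\", k)


def find_language_discovery(events: Iterable[dict]) -> list[dict]:
    """Return the read events whose normalized key is a language/locale key."""
    hits = []
    for ev in events:
        if ev["event"] not in READ_EVENTS:
            continue  # writes to these keys are a different behaviour
        key = normalize_key(ev["key"])
        if key in LANGUAGE_KEYS:
            hits.append({"pid": ev["pid"], "process": ev["process"],
                         "event": ev["event"], "key": key})
    return hits


def summarize_by_pid(events: Iterable[dict]) -> dict[int, dict]:
    """Group hits per process so one PID reading several keys is one finding."""
    grouped: dict[int, dict] = {}
    for hit in find_language_discovery(events):
        entry = grouped.setdefault(hit["pid"], {"process": hit["process"], "keys": set()})
        entry["keys"].add(hit["key"])
    return {pid: {"process": e["process"], "keys": sorted(e["keys"])}
            for pid, e in grouped.items()}


if __name__ == "__main__":
    for pid, entry in summarize_by_pid(SAMPLE_EVENTS).items():
        print(f"PID {pid} {entry['process']}: {', '.join(entry['keys'])}")
```

Treat a hit from this rule as context for the detonation rather than as an alert on its own: almost every localized application, Adobe Reader included, reads NLS\Language at startup, which is why the report weights this signature as a single TTP with a single IoC. The value of the normalization is that the same finding lines up whether the sandbox reports a ControlSet001 path, a CurrentControlSet path, or an HKLM alias from another tool.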
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a44ff1b7b74252c8e37e8810e687f2d6_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2644
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize
3KB
MD5
a10a87c43af7c729ee3334ee71c75416
SHA1
f382960dddcf856f044e9c9566a91b4dcfbb7692
SHA256
cd2e4164df4de6ab5f0f18bb1d8f1399cefc2702b91e24eaa9c56d33089d1c67
SHA512
f9abc5f206371d597b9b0ea1fd4139ffe4ec6ff1724c2a337103145aebbd503ed1fb0f8a0f103e29726f7a28ab221f33a42b57271fd09374aa59fdab5c5362ce