Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
17/08/2024, 05:24
General
-
Target
a1580a66f89fc66b36a4e03a15197e4c_JaffaCakes118.pdf
-
Size
82KB
-
MD5
a1580a66f89fc66b36a4e03a15197e4c
-
SHA1
a418c7c10eb5ee23c95a4dc70ec956fa9624dca6
-
SHA256
b7d2835d172670853f6a3e49abc5f7dee5e3636717c4a01caf07a968a2b755cf
-
SHA512
4e291937c0395fb2b8553eabf8db93a53310be135770616464f3aabe74a65237b258b096c4b275ca3f72636b18a582be190082531e10f8f6a357e0ffd4260f25
-
SSDEEP
1536:/hvvFVxssJNfClLrpix9pIy5SXtRGNGO3jw8P6Ws6DjXrgWOuWspO2+H8v:5nFVxssJJu9irpIywXtRGwOT5P26vE5K
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a1580a66f89fc66b36a4e03a15197e4c_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50e6cd37d650a51a0f510d833a354e9cb
SHA1b2e1926b4682340d2372ae996678e52ba1788919
SHA25669cff84c40b99d45a4333f1d4be6d2641cb58a1a0a1b746b7d5f5f6c6d598a07
SHA5124433275aa5b4ad6e79afaaeb57fdc56d76d7379abd69f0e379729c48b4c1e5bee36a6a5a7e77d2f982e11802ad2e084f4c89fce28de99b059b97c075db9feebf