Analysis
-
max time kernel
96s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
18/08/2024, 10:56
General
-
Target
a683c6802c5bf7ee03c7b9d389fcd1fc_JaffaCakes118.pdf
-
Size
128KB
-
MD5
a683c6802c5bf7ee03c7b9d389fcd1fc
-
SHA1
19e03d3d544791b5dadb53400c3591148bfc57d9
-
SHA256
8c4d0323e23985a42e83b2425d1a851106b6d18eecf1a257c28f5180609dc67f
-
SHA512
b51f3187d98890a57482d45f7edf26aad65525b792a20a8f730706e9aede5d9a48b4deb0a3a5f53468640658479ce66f977361fea3cdfcb8d3dadf61e904f41c
-
SSDEEP
3072:cZVQXkf1DQQTZstTowHUYBR6qjlkbbPn8fejHXe9REjBs+c5:FXklQI4HXjjOP3j3e0K
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a683c6802c5bf7ee03c7b9d389fcd1fc_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5814f7218a2b0f18fdc99b842dcb4c65e
SHA18865a94b236006446b540075a6e190f3bd29416a
SHA25646ddb71572a17293862ab3f4d84abfad95e9a5eff4a70d52b78a9ba0ca4c60ce
SHA512b474688d696cdc49ed63e54bf72227e3d7d58ca9ed9ef54b65dd20a9a508535cf90c7d68d77b6447f6f03f810a93b4d00a12c570cac4a44371c3e16183ab9dec