Analysis
Max time kernel: 121s
Max time network: 122s
Platform: windows7_x64
Resource: win7-20240708-en
Resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
Submitted: 18/08/2024, 10:36
Behavioral task: behavioral1
Sample: a6731d27392dc0ed58d8c1342f962d2c_JaffaCakes118.pdf
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: a6731d27392dc0ed58d8c1342f962d2c_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: a6731d27392dc0ed58d8c1342f962d2c_JaffaCakes118.pdf
Size: 9KB
MD5: a6731d27392dc0ed58d8c1342f962d2c
SHA1: 71dab0f07df64e0c4b9448b3e748baf7583bf4fa
SHA256: f09fcea389bdfd82d290f01d68cb999183c5ff7d7dbc6fe1ab35ccfc65e92a8d
SHA512: 434c54a88f7ead62696aed5b65f5d79f89157b2dbbf15722d17143d860143eb5eff8abf2ef7b249f94383ae1f1c6c5496034c7a266418a879292bbfe0380fda2
SSDEEP: 192:xPz4ULMxLIKXHsfyxpCk+ZRkCIQrTyXUjUCr4iqW/UQOmuhCb1fVMM4llCc3kCc:xPz4ULMxLIKXHsfCxG5IQKkl/UQOvM4u
Malware Config
Signatures

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
PID: 2384
Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (4 IoCs)
PID: 2384
Process: AcroRd32.exe (4 occurrences)
Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a6731d27392dc0ed58d8c1342f962d2c_JaffaCakes118.pdf"
PID: 2384
Signatures:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads

Filesize: 3KB
MD5: e3904cb3c2f9399496753076bc570ac0
SHA1: e431e871cd507645b9e4c319cf74f282e5154025
SHA256: 6b0429946d33e4dd4d2214abd3b9c103b9abaaa417008077475f44e2f079e5e4
SHA512: 62b566f1fb68c53ad3440ea5ebf818081be806c08b2c0a5a21549f1163ed3670b944f157d62999d81e8d9e71cb0e573db892ebc7a6a377a3905c7b39f1e48fee