Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 18-08-2024 12:03
Behavioral task behavioral1
Sample: a6b4fa6b8fd24dff337158c3a97ba468_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task behavioral2
Sample: a6b4fa6b8fd24dff337158c3a97ba468_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: a6b4fa6b8fd24dff337158c3a97ba468_JaffaCakes118.pdf
Size: 84KB
MD5: a6b4fa6b8fd24dff337158c3a97ba468
SHA1: bfeffeb4e0e69aa09ccddde5b5d8de4c6c339b58
SHA256: 3027fb1d39f86c39f21fcb6794083d363916cf1be0fb821fb9ef5a1951153fda
SHA512: 728e442e3fe0a5bdbdd6de7c30275b63a6a8653d0f922b5e0723448ef82e3f6a7b1407a24ada19b40640318b26fc7e585a4d053c5bbf5d6dc1f82c77d9a9fd9f
SSDEEP: 1536:Xrong8OK9Zeqpa8cwqirgysPpGHz9ULrd1hJlpClQWxiyCzcW8pO+hDQ:7oFZe9wqRb4Hz9orHHIJiTX++
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Key opened: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language (Process: AcroRd32.exe)
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
PID 2568, Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID 2568, Process: AcroRd32.exe (3 occurrences)
Processes
Process 1: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a6b4fa6b8fd24dff337158c3a97ba468_JaffaCakes118.pdf"
PID: 2568
Signatures: System Location Discovery: System Language Discovery; Suspicious behavior: GetForegroundWindowSpam; Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 06925c318c7b673dbe52f9e384335213
SHA1: 034807ef997e92f03ee7518268f72469d935fa34
SHA256: 7660811eb1ae7d8992f3b780d324601c97ebe7628e1e59f766464ea0070f2158
SHA512: adcf287cf4619bfb1309745b791d78be5144e76664e922824397d67b559895629a00c7499a31f8be3b55c878c03a6805776c6cae3bdcba94a3fcf86068d8a146