Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
20/08/2024, 11:43
General
-
Target
af14fd1d2d09969e866c240edf13f046_JaffaCakes118.pdf
-
Size
45KB
-
MD5
af14fd1d2d09969e866c240edf13f046
-
SHA1
ec962958667afc1be657874f4aabf36023962ddd
-
SHA256
89e39fbd5d683bd0583d896111dd28f7c44b79df24c17279cd21a56082be2ba1
-
SHA512
3b5bd6354ce944fa9686e1a19cb00b56ce369dafbc434ba817a341402c7cac8f59dfb686fdbe3c36a1d64040979fe06cb64645ef2ad7f5ffeaaf6ce9b5e828ab
-
SSDEEP
768:rJ2S5wTOMHRjN0x9PrTtViynxU435xn74IOJtL9ZK0TQt+MA+VEo:tz5KV4jTFznU7ZK0Toc+io
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\af14fd1d2d09969e866c240edf13f046_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD52c42e13692440da8c89718fdd2320558
SHA16574ad3b9d0a51c6800dbc9b5295c4b37936a583
SHA2564498c1dec6c05a3baa029f072ff0549dafcd6ae5ebba4df9021100e26f0bbe00
SHA51261bcc457b21dfa275beffe166d556d5513316ff8d76f70c9eb57b273288b3c74a4c7b3f948a629c146c49566091a0a9a696aeb1787c1fa0c3e89f0490094b644