Analysis
-
max time kernel
94s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
20/08/2024, 17:08
General
-
Target
b017f442279f8e5bc12adab2d613b394_JaffaCakes118.pdf
-
Size
83KB
-
MD5
b017f442279f8e5bc12adab2d613b394
-
SHA1
c4f6db69417a4f1b49c5ce23f7723d1bcdeca14f
-
SHA256
cf271a1e3b5dd17c6e686e6b11a4f1f5551f2eced9a8fffc32bf2a3b9b6ae9cf
-
SHA512
f8f9993ee9173709c6f1b8638041f8a14a942d66784320f473752a21f166416af01b25a1f486c0d8d742297d75c9a49f1d706b42187426154e5e4e60dc825b15
-
SSDEEP
1536:Ti2thwgXRZjuj3wUhAn54AKrXcXZYmRjuAJCGeDWAlw1hA04MgbW0pOdfG4:u2tpXRFujwUhAn9KrX++mMAgBlw1hAp4
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b017f442279f8e5bc12adab2d613b394_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f2b4fae507cf87e34756bfc00aee826d
SHA12f2c428f27fd26c2ab8e95af2a3384fd9b485b06
SHA2565c84f2b185b77a10b0cfd0b37d49f3678abda54cf39d88dc279e562a800c9429
SHA512d929569a1fca0a25881b39136e4575ff7acec08f0f2964095ee1bd01795c1b22819b79525fb7a09c41c7f224ad679c8b081213c55ce7b38fd77b6952cf981705