Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
21/08/2024, 02:47
General
-
Target
b1d6b61ad763674d8d06bb19c6d95454_JaffaCakes118.pdf
-
Size
153KB
-
MD5
b1d6b61ad763674d8d06bb19c6d95454
-
SHA1
b44349e959c636b95a534a6549672b83a2a20193
-
SHA256
908d7080f7fb4fa283550ee3315b5c3745cd5000b47eb783c5e05ba69e5efa29
-
SHA512
d58500590cca430a15529a4611269b090b0fc2e1e6644c09365678818f095180d4fba458fd2afeaf3c99a781b25f7537d88462da0690c61c8de8c27fbf4c7502
-
SSDEEP
3072:gGciAQyNFfGAVu+5osDExU2WcT6aMoH3sXgffdkwI/7IaOU+ZgbwP:gXPVFOAJyZf53sxyUub
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b1d6b61ad763674d8d06bb19c6d95454_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD521533570b67e900eb0d7829334863c83
SHA13476ec5b2d29e5c508cb562b7e32ffa68f1b640c
SHA2560227c7a24064e5ca43140a2fca9111337ac0e752c49c05facc95079a88c8060e
SHA5122421fe34ce7c6b1c327f364a43e3faa495e8835d9d34ea5799dde14d77c30c6db2f1f0adf454052a31c4e9ccb06c1e8a7ba7160eb3f976ef85a44697a39d2a2a