Analysis
-
max time kernel
122s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
21/08/2024, 02:18
General
-
Target
b1c367070a3da5e4b29aad26d166f71b_JaffaCakes118.pdf
-
Size
73KB
-
MD5
b1c367070a3da5e4b29aad26d166f71b
-
SHA1
2f9681bc0063a9f952beee0349ef72d315327922
-
SHA256
8a4847316f6060ab92d06ccad057d92b426fe2da6be31cc936b0a80294ad7767
-
SHA512
c5b73109c76ce8188df6697630539b3d4ccd073276f28234df0595e86df368897eadc1daf63af151127bdf71f1eed9e24933fab4e2cbae6669e609e6c7771b9f
-
SSDEEP
1536:QQjWy51Qs7LinQ1bEKCXgq8/YSKzaT7LTm4yl4dpgP9xlA2:jrQ0R1YKCwq8gSKzaTL+Wd0xn
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b1c367070a3da5e4b29aad26d166f71b_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD566c0dd50ca2b25f9664030ffef71267c
SHA16c48baab7747c246a3a1c35db6362b58c65d3041
SHA2563eec60e61ac01735871a27bdfe356c37a432b39903e94be1fd8d217d631b969f
SHA5123dc680a865e99e0a95d6be81eb6d4e9238697388fb1e714f18326cceb8babfb0197875285fd3a8b623c892bb5cbd93f3285265abdb2ff7c486efa445f068c3b4