Analysis
-
max time kernel
95s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system -
submitted
22-08-2024 02:44
Behavioral task
behavioral1
Sample
b60de029a81dfb968f28fe6ecdace451_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b60de029a81dfb968f28fe6ecdace451_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
b60de029a81dfb968f28fe6ecdace451_JaffaCakes118.pdf
-
Size
81KB
-
MD5
b60de029a81dfb968f28fe6ecdace451
-
SHA1
7dce8b0fb94b4627789e1b69a5605e1874507805
-
SHA256
7ca64cd895516e9ef284a52ef8ff4dbf84ed4427849497c4e802ad70fa9127b0
-
SHA512
efb962f9808a63b211836d33aaf48057d2337007c7e3f61bf82f1f61f0be746848fcf7cc6882f27be68dcf726d45476c3f6922cfc8802ecc876b2ef90b9a4a9f
-
SSDEEP
1536:v2hPt/2hVY90bxNZnImHVl8VzYCUz38FzE8I5AVgq3lKWUpO7qW3j/cBo1AS+2SW:apZgxNZ0dYCUz3vell7bAS+2X
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language AcroRd32.exe
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2476 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2476 AcroRd32.exe
2476 AcroRd32.exe
2476 AcroRd32.exe
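The language-discovery signature above fires on a single registry open of the NLS\Language key by AcroRd32.exe (ATT&CK T1614.001). The following is an added example, not part of this report or of the sandbox's own code: it scans constructed sandbox-style registry events for reads of that key (and its CurrentControlSet alias), and decodes the hex LCID a process would find there into a locale tag. The event line format, the second process "sample.exe", and the small LCID table are assumptions made for the example.

```python
import re
from dataclasses import dataclass

# Registry keys whose read exposes the installed language: the ControlSet001 key
# named in the report, plus the CurrentControlSet alias that resolves to it.
LANGUAGE_KEYS = (
    r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language",
    r"\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\NLS\Language",
)

# Hex LCID strings as stored in the key's values -> locale tag.
# Deliberately small table of well-known entries; anything else is reported as unknown.
LCID_TO_LOCALE = {
    "0409": "en-US",
    "0407": "de-DE",
    "040C": "fr-FR",
    "0419": "ru-RU",
    "0422": "uk-UA",
}

# Constructed event format (assumption): "<pid> <image> <operation> <registry path>".
EVENT_RE = re.compile(
    r"^(?P<pid>\d+)\s+(?P<proc>\S+)\s+(?P<op>\S+)\s+(?P<key>\\REGISTRY\\.+?)\s*$"
)
REGISTRY_READ_OPS = {"RegOpenKey", "RegQueryValue"}


@dataclass(frozen=True)
class LanguageDiscoveryHit:
    pid: int
    process: str
    key: str


def find_language_discovery(events):
    """Return one hit per registry read that touches a language key."""
    wanted = {k.upper() for k in LANGUAGE_KEYS}
    hits = []
    for line in events:
        m = EVENT_RE.match(line)
        if not m or m["op"] not in REGISTRY_READ_OPS:
            continue
        if m["key"].upper() in wanted:
            hits.append(LanguageDiscoveryHit(int(m["pid"]), m["proc"], m["key"]))
    return hits


def decode_lcid(value):
    """Map an LCID hex string read from NLS\\Language (e.g. "0409") to a locale tag."""
    lcid = value.strip().upper().zfill(4)
    return LCID_TO_LOCALE.get(lcid, f"unknown(0x{lcid})")


# Constructed sample events: the AcroRd32.exe open from the report (pid 2476) plus a
# hypothetical second process so the filter has both a hit and a miss per process.
SAMPLE_EVENTS = [
    r"2476 AcroRd32.exe RegOpenKey \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language",
    r"2476 AcroRd32.exe RegOpenKey \REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0",
    r"1337 sample.exe RegQueryValue \REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\NLS\Language",
    r"1337 sample.exe RegSetValue \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
]

if __name__ == "__main__":
    for hit in find_language_discovery(SAMPLE_EVENTS):
        print(f"pid {hit.pid} ({hit.process}) read {hit.key}")
    print("LCID 0409 ->", decode_lcid("0409"))
```

Note that the process flagged in this report is the legitimate Adobe Reader binary, which reads the language key as part of ordinary locale handling; a hit on this key alone is low-fidelity, and a practitioner should correlate it with what the same process does immediately afterwards before treating it as geofencing behaviour.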
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b60de029a81dfb968f28fe6ecdace451_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2476
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
a660457c968612e26c55bf85038beb2a
SHA1
8bf1667daf6737581f2fa22b2ee466e9f9e2c571
SHA256
e4782b1457469f909cb9f1eeec38ca50df2d98b681c4bccbe39d5c5d6c6c8e16
SHA512
ea90a5dc633c0403cfc35b5269fd347e6e697a07035d3d8fede023f7f96a5f7c9571b1bb0b866fa46896a11d51f0fa41f0eef196709ba26f354199b962679f89