Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
23/08/2024, 00:13
General
-
Target
b99dadd9471bea3096a6e39087e606ae_JaffaCakes118.pdf
-
Size
81KB
-
MD5
b99dadd9471bea3096a6e39087e606ae
-
SHA1
970c8794645175adca05b2c29686e815cacef264
-
SHA256
17ce07d390efa3cfd1d735f9c21e215ed52c185527946f508ddad0f8e9e85801
-
SHA512
c6407cfa283ce1d74ac489ce2597c9eb16d5658acc2f25d199aa73bcac287d4c4a7f1f8ef565ef09ab027a6f47fa2ddae2b74d798b0935d2a151d4f76af0206f
-
SSDEEP
1536:B7nsqLPucjHUB4zoc+UBFUtoUKwodL5WDm/bPbpPEeiW6pOu2JNnN:GWuc7U+zo/UBSy7dEYbpPu2J3
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b99dadd9471bea3096a6e39087e606ae_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD57335e5dae66feb7536466ceed0a620f3
SHA1b18dfd8fe0feed5a77162125af5eb8b3aedddad0
SHA256aad2d8e68f7be79ba87db09d95ccae33a9c37f6bb59500fbb2d46ada06d6cae1
SHA512b64e3fdd1a6262292c83125d9a3a73ba9163da7c114f941c6b1a4c773225c9a0c3c2624f41d9418b749aef896c2c756d42400a6529a30d0f340db9acc0a64a6d