Analysis
max time kernel: 96s
max time network: 19s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 23-08-2024 09:30
Behavioral task: behavioral1
Sample: bb2f107d988956aa49a3c07b4c2cd370_JaffaCakes118.pdf
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: bb2f107d988956aa49a3c07b4c2cd370_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: bb2f107d988956aa49a3c07b4c2cd370_JaffaCakes118.pdf
Size: 80KB
MD5: bb2f107d988956aa49a3c07b4c2cd370
SHA1: 73f9f8200b9137713e8b1ee529a6ef30aef26768
SHA256: 4900dd9f0e7c0658d5191eaba774d8935d4e0b7fa758629c9ad86f7cd94efcaf
SHA512: f54d605a8aa42058c00c588a4b94cf2ee8e439e87a326b30ad88966bfc850708f590cb68211a727a1e905d48837ebabb1859d552089d47af02c531460085b983
SSDEEP: 1536:mUAzYlmKm4a9qoSv6NWzCdYxWPx1yRHWWIi1ZY2sRW6pOu2v/0C/EWY:sRKm4a9AvFCdYxkx1oHCi1ZY2syu2ECi
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of the victim host in order to infer its geographical location.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid: 2800  Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2800  Process: AcroRd32.exe
  pid: 2800  Process: AcroRd32.exe
  pid: 2800  Process: AcroRd32.exe
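The three signatures above are all behavioural rules over the monitored API calls of the reader process: a registry open on the NLS\Language key (ATT&CK T1614.001), a flood of GetForegroundWindow calls, and SetWindowsHookEx installs. The script below is an added example, not Triage's own detection code, that re-implements those three rules over a constructed API trace in an assumed "<pid> <image> <api> <argument>" line format; the trace lines, the spam threshold of 100 calls and the extra keyboard-hook rule are all assumptions made for the example. It also shows why these hits alone are weak evidence: every rule fires on the PDF reader itself, and opening the language key, polling the foreground window and installing message hooks are routine for a GUI application, so the interesting question for a triage analyst is whether a keyboard hook or a spawned child process shows up, neither of which this report records.

```python
import re
from collections import Counter, defaultdict

# Constructed API trace, one monitored call per line in the shape
# "<pid> <image> <api> <argument>". It is made up for this example and is not
# output from the sandbox run described on this page.
SAMPLE_TRACE = (
    "2800 AcroRd32.exe RegOpenKeyExW \\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language\n"
    "2800 AcroRd32.exe RegOpenKeyExW \\REGISTRY\\MACHINE\\SOFTWARE\\Adobe\\Acrobat Reader\\9.0\n"
    "2800 AcroRd32.exe SetWindowsHookExW WH_MSGFILTER\n"
    "2800 AcroRd32.exe SetWindowsHookExW WH_CALLWNDPROC\n"
    "2800 AcroRd32.exe SetWindowsHookExW WH_GETMESSAGE\n"
    + "2800 AcroRd32.exe GetForegroundWindow -\n" * 120
    + "1234 notepad.exe GetForegroundWindow -\n"
    "1234 notepad.exe RegOpenKeyExW \\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\Keyboard Layouts\n"
    "4321 sample.exe SetWindowsHookExW WH_KEYBOARD_LL\n"
)

# Signature names kept identical to the report's so hits can be compared.
SIG_LANGUAGE = "System Location Discovery: System Language Discovery"
SIG_FOREGROUND = "Suspicious behavior: GetForegroundWindowSpam"
SIG_HOOK = "Suspicious use of SetWindowsHookEx"
# Extra rule not in the report (assumption): a keyboard hook is a keylogger primitive.
SIG_KEYBOARD_HOOK = "Keyboard hook installed"

# Registry paths whose opening reveals the victim's language/locale (ATT&CK T1614.001).
LANGUAGE_KEY_MARKERS = ("\\control\\nls\\language", "\\keyboard layout")
# Hook types that deliver every keystroke to the installing process.
KEYSTROKE_HOOKS = {"WH_KEYBOARD", "WH_KEYBOARD_LL"}

LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<image>\S+)\s+(?P<api>\S+)(?:\s+(?P<arg>.*))?$")


def parse_trace(trace):
    """Parse trace lines into (pid, image, api, argument) tuples; skip malformed lines."""
    calls = []
    for line in trace.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            calls.append((int(m["pid"]), m["image"], m["api"], (m["arg"] or "").strip()))
    return calls


def evaluate(trace, spam_threshold=100):
    """Return {pid: {signature: [ioc, ...]}} using the three rules from the report."""
    hits = defaultdict(lambda: defaultdict(list))
    foreground = Counter()
    for pid, image, api, arg in parse_trace(trace):
        if api.startswith("RegOpenKey") and any(k in arg.lower() for k in LANGUAGE_KEY_MARKERS):
            hits[pid][SIG_LANGUAGE].append(f"Key opened {arg} ({image})")
        elif api == "GetForegroundWindow":
            # One call is routine for any GUI app; a flood is the classic
            # "is the victim at the keyboard?" loop, hence the spam threshold.
            foreground[pid] += 1
        elif api.startswith("SetWindowsHookEx"):
            hits[pid][SIG_HOOK].append(f"{api} {arg} ({image})")
            if arg in KEYSTROKE_HOOKS:
                hits[pid][SIG_KEYBOARD_HOOK].append(f"{api} {arg} ({image})")
    for pid, n in foreground.items():
        if n >= spam_threshold:
            hits[pid][SIG_FOREGROUND].append(f"{n} calls")
    return {pid: dict(sigs) for pid, sigs in hits.items()}


def report_lines(hits):
    """Render hits in the report's "<signature> N IoCs" style, one line per (pid, signature)."""
    lines = []
    for pid in sorted(hits):
        for sig, iocs in hits[pid].items():
            lines.append(f"{sig} {len(iocs)} IoCs pid {pid}")
    return lines


if __name__ == "__main__":
    print("\n".join(report_lines(evaluate(SAMPLE_TRACE))))
```

Run stand-alone it reproduces the report's three hits for pid 2800 (one language-key IoC, one spam IoC, three hook IoCs), fires only the language rule for the notepad process that polls the foreground window once, and flags the WH_KEYBOARD_LL hook from the third process as the stronger keylogger signal that is absent from the run above.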
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bb2f107d988956aa49a3c07b4c2cd370_JaffaCakes118.pdf"
PID: 2800
Signatures:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: ed987265f9bdacff547301104570ca36
SHA1: c6b5848daa9a52102587fa702ae5cccd0ee45b29
SHA256: ca12c0f03e25249401d50359e4da4fca3084a8d5b1ad8223f53b8ace335f2e88
SHA512: 5488eea5a63c0c40329f71d2c479e7197ed2ab955e6c684a7c31425354ee7239e207a4b75439400c6a063458232808b58486ebee6c06cc8a3a3008ff27e85a0e