Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
23/08/2024, 12:10
General
-
Target
bbabc1b816e6348fa323602c4ba6c804_JaffaCakes118.pdf
-
Size
70KB
-
MD5
bbabc1b816e6348fa323602c4ba6c804
-
SHA1
903f61a9c09bd4573f4836773812751c93bfa26a
-
SHA256
78d9e2a24b3291ceca852c1381e2b60b4dd6f1549e1827f67d8b59ca6b178e8f
-
SHA512
8780a761a512db778e95bb308e4762e0e1f5362225e52b0dcab02f57fd2e83cf1e722f4063e201cd96212d40971c882b7b044ee9aff9f5dc19e39340fc0c4113
-
SSDEEP
1536:GF2c1pvPU6BqtglzyNQvVA90XrG01ZyyWpMSjxGWcpOmLOof:9kHU2BlLvVar01Zy95m7
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bbabc1b816e6348fa323602c4ba6c804_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD501586787075e73c9744e0005a2e66275
SHA141f001a3353db6856c4074fa37c9465e7e2d38fd
SHA256596509f893e2497283ef00549c3c0814232877db4adc3c890febca5bc68b872d
SHA512185246654f29366454724b363682ea025242020f4cb88150e1508143011cad1e4e20f1a38bc1f3f135e1161ce261d980dd353584647ca23d690222374f8a3163