Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
23-08-2024 20:37
General
-
Target
bd113a83304d35812707812dd2a6a3e9_JaffaCakes118.pdf
-
Size
34KB
-
MD5
bd113a83304d35812707812dd2a6a3e9
-
SHA1
ab6236171e5e31e30c52a9984f55989aeebe8e3b
-
SHA256
c6d82428cfd9214d5a9d0f68d395dc47fc8911b7e022bc5d28e93480e6f8007d
-
SHA512
1ea7951803ef2a98dd91f94c1767fb8987b9c17aef0dcd287d084003a290765f41e349dfcde16abfbec40300be3dfb4bd4cb64b1a1fd2d254b9f77a8ef6691d1
-
SSDEEP
768:ryeOUPiQsZ5igOYb8uG7n1mM2OJ0l3YMK2pQC:JOxsAm7n8Dl3YMK2p7
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bd113a83304d35812707812dd2a6a3e9_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5bcddcd1307e4cb3d5f009b330115e5d6
SHA1d7001d32a2dfda1fc6ba0f55b608587b00a8dbac
SHA256ec5d5f16a830efe304e9ccd6a21a72ae839fd9dc3fea75c7bd0a884a6e4fd032
SHA5129b7eb561b643979fa2e546dcd58d94fdde825bd69b60d0527dd6ec647f06ba56602e2ea3d7d9684a7910fe6803fbc37915f37ba5b5f234babbf3053153498d73