Analysis
- max time kernel: 119s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 24/08/2024, 01:56
Behavioral task: behavioral1
Sample: bdc9c29c52ac29c5421236be22d4ad71_JaffaCakes118.pdf
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: bdc9c29c52ac29c5421236be22d4ad71_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
- Target: bdc9c29c52ac29c5421236be22d4ad71_JaffaCakes118.pdf
- Size: 48KB
- MD5: bdc9c29c52ac29c5421236be22d4ad71
- SHA1: 7aed5bbc5110de192cab92495d9cbff7b4056ded
- SHA256: da2cfc96a18797b1d92e323ddefb6cd95546831253a025f79a75a98b47a17d7e
- SHA512: 14e08d06a9b692f0570efa3cdbf4b5a6c52a1163d0237dab3673edc77b078c4df119a2ede8af6257d405866b85e06d0a035999056f65ae1a77b9964654af3c72
- SSDEEP: 768:tgGzpD3eFqeUB9JD/pdCtj7AoHm2JGZivdepb3cPJoUUpuEr++YMsdrpBG5y7jEE:OGFDeO/pdhUmMGnU8uL+YtBpBGMj3j
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2668; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2668; Process: AcroRd32.exe (3 occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bdc9c29c52ac29c5421236be22d4ad71_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2668
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: fd1a218bc533350d62751f65b2040f8d
  SHA1: 4d3bd179527e29256118abd6217c1ff9e560b12f
  SHA256: f1c4b65b1eec26ce857ebc2ecafb4035666061462511165a2d7c199ad7716f3f
  SHA512: a3d4e635367bfaa4c41ab74bb1f7a64dc63928d74af8b081638f09f2f6f238c88bd82f47ace6204cf1e383a61cd173ce89a386b79da60b197785d92ca2aaf8e4