Analysis
- max time kernel: 94s
- max time network: 17s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 24/08/2024, 04:23
Behavioral task: behavioral1
- Sample: bde2644a2b10a2cd9075a9abf87d7ba5_JaffaCakes118.pdf
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: bde2644a2b10a2cd9075a9abf87d7ba5_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: bde2644a2b10a2cd9075a9abf87d7ba5_JaffaCakes118.pdf
- Size: 80KB
- MD5: bde2644a2b10a2cd9075a9abf87d7ba5
- SHA1: f9dfb0a880d818b77a10c88165abba7097201b78
- SHA256: f24f326227891289d0273c001fd96a8c7fe09a1b435737dd8c8cdd0d8e8974b9
- SHA512: 9013d57c2b23ede2e2e923a7f440d36e212f0cc875c50ac89a222d35f05ea229d99abc26e48c129382e38c59e1c8ec88e7d3ceaa2c65a1b5dfd675a7a8a525e3
- SSDEEP: 1536:44vx3u4f6xwTzbg+RZ/zChW8MSwHJq+3l/KWYpO2ZkT2Kvc4mJWFdQvFbhSrTYAn:fvx3u4f6xwLgSL+SHJq4lZ2CT2+c4mer
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid: 2024 | process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2024 | process: AcroRd32.exe (listed 3 times, all from the same process)
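The three signatures above are low-severity behavioural hits that a legitimate PDF reader can also produce at startup (reading the NLS language key, installing message hooks), so they are context for an analyst rather than a verdict on their own. The following is an added example, not code from the sandbox or from the report: a small detector that replays sandbox-style API and registry events and reproduces the report's three signature hits for PID 2024 / AcroRd32.exe. The "pid|process|event|argument" line format, the sample events and the GetForegroundWindow spam threshold are assumptions constructed for the example; the registry path, PID and process name come from the report. T1614.001 is the ATT&CK sub-technique ID for System Language Discovery, supplied from knowledge since the report only names the technique.

```python
"""
Added example (not part of the sandbox report): replay sandbox-style events
and reproduce the report's signature hits. Event format, thresholds and the
sample events are constructed for this example.
"""
import re
from collections import Counter, defaultdict

# Registry key the report shows AcroRd32.exe opening. Accept any ControlSetNNN
# as well as CurrentControlSet (an alias for the active set), case-insensitively,
# because samples and tools spell the path inconsistently.
NLS_LANGUAGE_KEY = re.compile(
    r"\\REGISTRY\\MACHINE\\SYSTEM\\(ControlSet\d{3}|CurrentControlSet)"
    r"\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

# Assumed threshold: a handful of GetForegroundWindow calls is normal GUI
# behaviour; a burst is what the sandbox labels "spam".
FOREGROUND_SPAM_THRESHOLD = 50

# Constructed sample events in "pid|process|event|argument" form (not the
# sandbox's real log format). The GetForegroundWindow burst is generated.
SAMPLE_EVENTS = [
    "2024|AcroRd32.exe|RegOpenKey|\\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language",
    "2024|AcroRd32.exe|RegOpenKey|\\REGISTRY\\MACHINE\\SOFTWARE\\Adobe\\Acrobat Reader\\9.0",
    "2024|AcroRd32.exe|SetWindowsHookEx|WH_KEYBOARD",
    "2024|AcroRd32.exe|SetWindowsHookEx|WH_GETMESSAGE",
    "2024|AcroRd32.exe|SetWindowsHookEx|WH_CBT",
    "1337|explorer.exe|RegOpenKey|\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Control\\NLS\\Language",
] + ["2024|AcroRd32.exe|GetForegroundWindow|"] * 60


def parse_event(line):
    """Split one 'pid|process|event|argument' line; return None if malformed."""
    parts = line.split("|", 3)
    if len(parts) != 4 or not parts[0].isdigit():
        return None
    pid, process, event, argument = parts
    return int(pid), process, event, argument


def detect(lines):
    """Return {signature name: [IoC dicts]} in the shape of the report's signature list."""
    hits = defaultdict(list)
    hook_calls = Counter()
    foreground_calls = Counter()

    for line in lines:
        parsed = parse_event(line)
        if parsed is None:
            continue  # skip malformed lines instead of aborting the whole replay
        pid, process, event, argument = parsed
        if event == "RegOpenKey" and NLS_LANGUAGE_KEY.search(argument):
            hits["System Location Discovery: System Language Discovery (T1614.001)"].append(
                {"description": "Key opened", "ioc": argument, "pid": pid, "process": process}
            )
        elif event == "SetWindowsHookEx":
            hook_calls[(pid, process)] += 1
        elif event == "GetForegroundWindow":
            foreground_calls[(pid, process)] += 1

    # One IoC per hook call, as the report lists them (3 IoCs for PID 2024).
    for (pid, process), n in hook_calls.items():
        hits["Suspicious use of SetWindowsHookEx"].extend(
            [{"pid": pid, "process": process}] * n
        )
    # Only a burst above the threshold counts as spam.
    for (pid, process), n in foreground_calls.items():
        if n >= FOREGROUND_SPAM_THRESHOLD:
            hits["Suspicious behavior: GetForegroundWindowSpam"].append(
                {"pid": pid, "process": process, "calls": n}
            )
    return dict(hits)


if __name__ == "__main__":
    for name, iocs in detect(SAMPLE_EVENTS).items():
        print(f"{name}: {len(iocs)} IoC(s)")
        for ioc in iocs:
            print("   ", ioc)
```

Running the block prints the same three signatures the report lists for PID 2024, plus a second language-key hit from the constructed explorer.exe line, which shows why the registry match alone should be correlated with the process and the other behaviours before it is treated as suspicious.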
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bde2644a2b10a2cd9075a9abf87d7ba5_JaffaCakes118.pdf"
  PID: 2024
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: d77b438816df424a59fe2449df7a894a
  SHA1: 07d2fe72a76802247d5fe71a9a81af24d364d42e
  SHA256: 9561b368abea8e2f9718543f2750574c03606cce774b6466c8c4c1c67a41365e
  SHA512: b2ab114549f90358087da28f4e7e1b4ded0b49d7d8c470a3d756e11e5fbf2c88b72d4ca5ce752531f8e16c4d09da28a27db6003cd54c5b0ef42ba626784e259a