Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 24-08-2024 08:18
Behavioral task: behavioral1
Sample: be356f717699d0010d85980d9ffce4e7_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: be356f717699d0010d85980d9ffce4e7_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: be356f717699d0010d85980d9ffce4e7_JaffaCakes118.pdf
Size: 42KB
MD5: be356f717699d0010d85980d9ffce4e7
SHA1: 2d41dc9dd2feacb3e809f7d13da46f0040642fa9
SHA256: d1c91acf805e2ffbe1e1294592924732fcaff00cf699fc83dc7aa6de78197de3
SHA512: 85d32bc2b4ea27bce571505b8db7df56bba782a207a1384afca7bbf8643ca618be6fe46e4252b7d3a4f9be78666667dcdb18cf164602b90648fad9e1c66a0df1
SSDEEP: 768:jgGzpDbp6ytaNCYHA/wvUBckH9TPcvt+yVvArdAIi6cnD3Cyg9VSVGdqvDldB3RK:cGFfp60HT0vFVYBBi7nDRuVEGdqvDX9s
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID: 1944 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 1944 | Process: AcroRd32.exe
PID: 1944 | Process: AcroRd32.exe
PID: 1944 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\be356f717699d0010d85980d9ffce4e7_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1944
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 94f169b4700ea3d160f34a778e989472
SHA1: 63f5b8cb10395953c3e90348cce78ddf88947ed5
SHA256: 79518590037ba7db27dbd7af70c99bdb885b20f9d09dbf07a40347c5e395fbb5
SHA512: da9ed81eebad1f5b87944294d2248c7f0a42b36d7719a54ff300a541a03812c4711dd7b3925d79d20b62e4544b852c5ac057a5427fb0f8a5404b12d0b236f46a