Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 24-08-2024 15:52
Behavioral task: behavioral1
Sample: beeed6c421e0bdb82e71bb043cec2702_JaffaCakes118.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: beeed6c421e0bdb82e71bb043cec2702_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: beeed6c421e0bdb82e71bb043cec2702_JaffaCakes118.pdf
Size: 21KB
MD5: beeed6c421e0bdb82e71bb043cec2702
SHA1: a0b20dd4b192fd29543b07a9fde3503b1a1cb2e3
SHA256: 0dcb3ec7350f7277e610c614917efb9c28c4cab173c18f00c4ae6945586bdea3
SHA512: 8bbdac81069e19117449b2b64ff3f865742a5e6145695c30138dcf887b106f2537dfbc57b3330ab2ca62e84eab05daf9836edc26ce315bfbfd8ef8c478c995c6
SSDEEP: 384:VzdkMu09vz1MY+4XSNMlgjGX1RL7gd4EnyCQcjXbXISrPTde73ZpPSkZIZYrQhZY:VzW09vz1MY+4XSNMlgjGX1RL7gd4EnyR
Malware Config
Signatures
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2924 Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs
pid: 2924 Process: AcroRd32.exe (listed 4 times)
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\beeed6c421e0bdb82e71bb043cec2702_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2924
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 827b09cf9baca773d3d603af3996339e
SHA1: ae22d04a5f37c84894af776d20b498e234f77a2a
SHA256: 6613eb8df492566226121c0ff9eb87bd96ba3fe5433dad07bb335f483a5c4540
SHA512: 0be413ece71809fbba0a64a1e4abc4ff44957859bc4724d56be5e66de1673edd50f43cb2720d2504f7b3489b6f49553146a6eab425bd78c85892dd17247e7a00