Analysis
-
max time kernel
119s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system -
submitted
25-08-2024 01:35
Behavioral task
behavioral1
Sample
bfddb75fdeb3b6f7fe81b751cccad7d5_JaffaCakes118.pdf
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
bfddb75fdeb3b6f7fe81b751cccad7d5_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
bfddb75fdeb3b6f7fe81b751cccad7d5_JaffaCakes118.pdf
-
Size
78KB
-
MD5
bfddb75fdeb3b6f7fe81b751cccad7d5
-
SHA1
c33303ee062b0abe229b7e1e6d51883a7011f02c
-
SHA256
0021c0542a4ecce8eea9c2d9d91ee1903c185998db1fcbae30132de72b2eb790
-
SHA512
f92d845bd3aacc0c09aca3cb28ad4657f436cbaa394d922b9019ea31144ad244e5437500802a401a00a51f4658d6ae388f0bae4f02576d469ee84004be21a536
-
SSDEEP
1536:MgKN+mGAcUsdk0eqjFn+LQLr87INA8iE/1x5bWjRPkGnnNL4/W2x0pW8pO7Kbo1y:J3mGNU/0xjgQLrvNvL/P5WkGnnNLoW2O
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description  ioc  process
Key opened  \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language  AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid  process
2840  AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid  process
2840  AcroRd32.exe
2840  AcroRd32.exe
2840  AcroRd32.exe
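The language-discovery signature above is a weak signal on its own: opening the NLS\Language key is simply how an application learns the OS install language, and a PDF reader does it in the normal course of loading a document. As an added example (not part of this report and not the sandbox's own signature code), the following Python scans Sysmon-style registry events, constructed inline here, for the same key the report lists as the IoC, and scores a hit from a hypothetical allow-list of document readers and installers (an assumption for illustration) lower than a hit from an unexpected binary such as an executable running out of a temp directory.

```python
import ntpath
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Matches the key the report lists as the IoC in either spelling: the kernel form
# (\REGISTRY\MACHINE\SYSTEM\ControlSet001\...) or the Sysmon form
# (HKLM\System\CurrentControlSet\...). Only the Language key itself counts,
# not siblings such as Nls\CodePage.
NLS_LANGUAGE_KEY = re.compile(
    r"\\SYSTEM\\(?:ControlSet\d{3}|CurrentControlSet)\\Control\\NLS\\Language(?:\\|$)",
    re.IGNORECASE,
)

# Assumption for this example: these binaries read the install language routinely,
# so a hit from them is low-confidence unless other signatures corroborate it.
EXPECTED_READERS = {"acrord32.exe", "winword.exe", "msiexec.exe"}

# Sysmon registry events that carry a TargetObject: 12 = key created/opened/deleted,
# 13 = value set.
REGISTRY_EVENT_IDS = {12, 13}


@dataclass
class Hit:
    pid: int
    image: str
    target: str
    severity: str


def parse_event(line: str) -> Optional[Tuple[int, int, str, str]]:
    """Parse one constructed 'eventid|pid|image|target' record; None if malformed."""
    parts = line.strip().split("|", 3)
    if len(parts) != 4:
        return None
    try:
        return int(parts[0]), int(parts[1]), parts[2], parts[3]
    except ValueError:
        return None


def scan(lines: Iterable[str]) -> List[Hit]:
    """Return one Hit per registry event that touches the NLS\\Language key."""
    hits: List[Hit] = []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue  # malformed record: skip rather than crash the scan
        event_id, pid, image, target = ev
        if event_id not in REGISTRY_EVENT_IDS or not NLS_LANGUAGE_KEY.search(target):
            continue
        exe = ntpath.basename(image).lower()  # Windows path semantics on any host
        severity = "low" if exe in EXPECTED_READERS else "medium"
        hits.append(Hit(pid, image, target, severity))
    return hits


# Constructed sample events (not taken from the report). The first mirrors the
# report's own IoC; the third is an unexpected temp-directory binary doing the same.
SAMPLE_EVENTS = [
    r"12|2840|C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe|HKLM\System\ControlSet001\Control\Nls\Language",
    r"13|2840|C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe|HKLM\Software\Adobe\Acrobat Reader\9.0\AVGeneral",
    r"12|1337|C:\Users\Admin\AppData\Local\Temp\update.exe|HKLM\System\CurrentControlSet\Control\Nls\Language",
    r"12|4444|C:\Windows\explorer.exe|HKLM\System\CurrentControlSet\Control\Nls\CodePage",
    "garbage line without delimiters",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(f"[{hit.severity}] pid={hit.pid} {ntpath.basename(hit.image)} opened {hit.target}")
```

On the sample events this yields a low-severity hit for AcroRd32.exe (pid 2840, matching the report) and a medium-severity hit for the temp-directory binary; the CodePage access and the Adobe value-set event are ignored. In practice the allow-list should be derived from your own baseline, and the "medium" hit is worth escalating only alongside a second behaviour such as the hooking or foreground-window activity the report also flags.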
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bfddb75fdeb3b6f7fe81b751cccad7d5_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2840
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
f03603261a4172a8e38a367794271380
SHA1
1d50dbd59b669676a6a03d16d52f3d88f2295762
SHA256
20ba69f6a7d569b21505fc93a8b12a3abb2680eece09bb8e0d1b3604e8ef8cbc
SHA512
0a7202ee543c0229a7883c85b658c463382155a4759e9d6e06ae59f13eb93c1fdaed08e8568f13be91fd4e4b89588d93aadb305964e06001b5dff161374974ac