Analysis
max time kernel: 94s
max time network: 17s
platform: windows7_x64
resource: win7-20240729-en
resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
submitted: 25/08/2024, 09:26
Behavioral task: behavioral1
Sample: c06f9dfc442d409e920c1ba1c386f394_JaffaCakes118.pdf
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: c06f9dfc442d409e920c1ba1c386f394_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: c06f9dfc442d409e920c1ba1c386f394_JaffaCakes118.pdf
Size: 51KB
MD5: c06f9dfc442d409e920c1ba1c386f394
SHA1: 8191de7981b6be96ae6de2ecce51cd0b2bb843bc
SHA256: 02a79419957ee26a771730914c644758efbcc65e16437198d46dcbc724c396ea
SHA512: b61ae7fb56117ffc5969b44a0ae32447cf9d58597d64366a6c181937337a1d0f3208ec168cfe4e453caac5acf17d38d32c1da86e65f216d75d888e386368c999
SSDEEP: 768:bgGzpDyBVksi8L2Lb3bscX8ShTcoWiJGc0wUidb6xhs+dfqWK/JnO9sK9+nVR:kGFmDyQiJvIhssfqWKhnOGK9+nVR
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2604; process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2604; process: AcroRd32.exe (three hook installations from the same process)
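The language-discovery signature above rests on a single registry open, and any localised application, the PDF reader included, may open HKLM\SYSTEM\...\Control\NLS\Language to choose its own UI language, so on its own it is weak evidence. The script below is an added example, not part of the sandbox's output or rule set: it parses registry IoC lines in the report's "Key opened <key> <process>" shape, maps each opened key to an ATT&CK technique ID, and rates a process as "info" when language discovery is its only hit and the process is one expected to localise itself, and as "review" otherwise. The event lines, the two regex rules, and the EXPECTED_LOCALE_READERS set are constructed for this example and are not a vetted detection rule set.

```python
import re
from collections import defaultdict

# Constructed registry-open events in the "Key opened <path> <process>" shape used by
# the report's IoC table. These lines are made up for the example, not from the run.
SAMPLE_EVENTS = """\
Key opened \\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language AcroRd32.exe
Key opened \\REGISTRY\\MACHINE\\SOFTWARE\\Adobe\\Acrobat Reader\\9.0\\Installer AcroRd32.exe
Key opened \\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Control\\NLS\\Language loader.exe
Key opened \\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run loader.exe
"""

# Rules: (ATT&CK technique ID, regex over the opened key). The NLS\Language key is the
# one the report's signature fires on; it lives under any ControlSetNNN or the
# CurrentControlSet alias. The Run-key rule is a second illustrative rule (T1547.001).
RULES = [
    ("T1614.001", re.compile(
        r"^\\REGISTRY\\MACHINE\\SYSTEM\\(?:ControlSet\d{3}|CurrentControlSet)"
        r"\\Control\\NLS\\Language$", re.IGNORECASE)),
    ("T1547.001", re.compile(
        r"^\\REGISTRY\\(?:MACHINE|USER\\[^\\]+)\\SOFTWARE\\Microsoft\\Windows"
        r"\\CurrentVersion\\Run(?:Once)?$", re.IGNORECASE)),
]

# Processes that legitimately read the system language at startup to localise their UI.
# Illustrative set, an assumption of this example rather than a maintained allow-list.
EXPECTED_LOCALE_READERS = {"acrord32.exe", "winword.exe", "excel.exe"}


def parse_event(line):
    """Return (key_path, process) for a 'Key opened' line, else None.

    The process name is the last whitespace-separated token, so key paths that
    contain spaces (e.g. 'Acrobat Reader') are preserved intact.
    """
    prefix = "Key opened "
    line = line.strip()
    if not line.startswith(prefix):
        return None
    path, _, proc = line[len(prefix):].rpartition(" ")
    return (path, proc) if path and proc else None


def classify_events(text):
    """Map each process (lower-cased) to the set of technique IDs its opened keys matched."""
    hits = defaultdict(set)
    for line in text.splitlines():
        parsed = parse_event(line)
        if parsed is None:
            continue
        path, proc = parsed
        for technique, pattern in RULES:
            if pattern.match(path):
                hits[proc.lower()].add(technique)
    return dict(hits)


def triage(hits):
    """Rate each process. Language discovery on its own, from a process that is
    expected to localise itself, is 'info'; any other combination is 'review'."""
    verdicts = {}
    for proc, techniques in hits.items():
        only_language = techniques == {"T1614.001"}
        verdicts[proc] = "info" if only_language and proc in EXPECTED_LOCALE_READERS else "review"
    return verdicts


if __name__ == "__main__":
    found = classify_events(SAMPLE_EVENTS)
    for proc, verdict in triage(found).items():
        print(f"{proc}: {verdict} {sorted(found[proc])}")
```

Run against the constructed events, AcroRd32.exe is rated "info" because its only hit is the language key, while the hypothetical loader.exe is rated "review" because it also touched a Run key. The same split applies to this report: the reader's language-key read should be weighed together with the hook and foreground-window signatures and the absence of child processes, not treated as a verdict by itself.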
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (PID: 2604)
command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c06f9dfc442d409e920c1ba1c386f394_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 6fae8ca3cdf40721556b6b96a52ad163
SHA1: 223c1d2c4de4bec40ea0985297c6a521ec4314ec
SHA256: 9fbd3acb5dad28640ff500f541f0a18b93481795a6672220c0368177409f621e
SHA512: 1eae0d3c02d26a80a21193a1ca40edb3cdf48fbddf62cbf385a8de4fd556b453292f7eae17c5244bb43021dcd858d2bc5874d45b97a769331a1c1d6d4e5b3b4b