Analysis
max time kernel
95s
max time network
18s
platform
windows7_x64
resource
win7-20240704-en
resource tags
arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted
26/08/2024, 01:13
Behavioral task
behavioral1
Sample
c1fc3e034fe679e07b765ea70eb059cd_JaffaCakes118.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c1fc3e034fe679e07b765ea70eb059cd_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
Target
c1fc3e034fe679e07b765ea70eb059cd_JaffaCakes118.pdf
Size
37KB
MD5
c1fc3e034fe679e07b765ea70eb059cd
SHA1
d19cc1675db78a095b7f3326ff0bfcf3d7b35c3b
SHA256
628f061f0d0ee9f22c940ab4c579feb066f7fa1fe67a89a8f7e9e0a10fa6ddec
SHA512
469cdf77c8ab3908cd90c309bdf67d31fad9fda4b7cc6dff6a2ec5821cdbbe657ecb7fef79a81e055e3e3cfe1eaaace97b0bb03a546bf1e4a08f253ffbf56193
SSDEEP
768:/VwJ1HSIJgliWcVcW7+ZetoxWM1ThC221EaVrV+iC1DPxV4GdmfuGDQKaOFv2mJt:9cXJglul736J1ThC221EsrV+iC1DPxVY
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2564 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2564 | Process: AcroRd32.exe
pid: 2564 | Process: AcroRd32.exe
pid: 2564 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c1fc3e034fe679e07b765ea70eb059cd_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2564
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize
3KB
MD5
06ed717e7f1c9a6bf4893eadb8eca578
SHA1
6d7d29056d23f85d9af3a7839782a6569d2b6143
SHA256
2c6b13bb8367c6a40fea2832fb730b99ae23c196f4fb856d2d35cbf9b2e30924
SHA512
4337d16fe6178321f191f687081fa3891f80f76ca11ba46a2275945be9aaa6f06d23ef17b61e9cb510c84d51841ad64ed7984f41502866b6814698dfdf5975a9