Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
submitted: 28-08-2024 19:18
Behavioral task: behavioral1
Sample: c77c591880629f3b590bc6e7c1f13dca_JaffaCakes118.pdf
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: c77c591880629f3b590bc6e7c1f13dca_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: c77c591880629f3b590bc6e7c1f13dca_JaffaCakes118.pdf
Size: 40KB
MD5: c77c591880629f3b590bc6e7c1f13dca
SHA1: 5b30b2c6fb1163e14bec30ce40b4b3e4767edb55
SHA256: 491d33c0ea9b62c64d99d53b3f6978070ca5d6cdde7880e77f1657d729330d3c
SHA512: b320997e12cacb78908571d2d007df546d554e0d91f7304cfbfef7a85bedf44fdae237d26c3a1dca132d6116cba657878f93724ad7c3c66375da5c09c2a7f288
SSDEEP: 768:fgGzpDlpBa4WTQ05rB3230HgZd8CQBnb6yucMIS+AjDz7zAMGQx9w4449gm2S3:oGFBpYQ05V32Ninb6XDzb/w9jm2S3
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 884 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid: 884 | Process: AcroRd32.exe (4 events)
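The registry read above is the only concrete IoC in the report, and it needs context: Adobe Reader, like most localized GUI applications, reads the NLS\Language key at startup, and GetForegroundWindow polling and SetWindowsHookEx are routine for GUI processes, so none of these signatures is strong evidence on its own. The Python script below is an added example, not part of the sandbox report or its tooling; it shows how a triage rule might score such reads: it matches the key the sandbox flagged under any control-set spelling and downgrades hits from known localized applications. The log lines are constructed to mimic the report's "Key opened" IoC, and the `event="..." key="..."` field format, the `KNOWN_LOCALIZED_APPS` allow-list and the ATT&CK sub-technique mapping are this example's assumptions.

```python
"""Score registry reads of the system-language key (added example, not report code).

Log lines are constructed; the key="value" field format is an assumption.
"""
import re
from dataclasses import dataclass

# The key the sandbox flagged, accepting the native \REGISTRY\MACHINE form as well
# as HKLM / HKEY_LOCAL_MACHINE, and CurrentControlSet or any ControlSetNNN.
# Reading it is catalogued under ATT&CK T1614.001 (System Language Discovery).
LANGUAGE_KEY_RE = re.compile(
    r"^(?:\\REGISTRY\\MACHINE|HKLM|HKEY_LOCAL_MACHINE)\\SYSTEM\\"
    r"(?:CurrentControlSet|ControlSet\d{3})\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

# Assumed allow-list: GUI apps that read the key for localization. A hit from
# one of these is expected behaviour and is scored low rather than suppressed.
KNOWN_LOCALIZED_APPS = {"acrord32.exe", "winword.exe", "excel.exe", "explorer.exe"}


@dataclass
class Finding:
    pid: int
    process: str
    key: str
    score: str  # "low" for a known localized app, "high" otherwise


def parse_line(line: str) -> dict:
    """Parse field="value" pairs from one constructed log line."""
    return dict(m.groups() for m in re.finditer(r'(\w+)="([^"]*)"', line))


def flag_language_discovery(lines):
    """Return a Finding for every RegOpenKey event that targets the language key."""
    findings = []
    for line in lines:
        ev = parse_line(line)
        if ev.get("event") != "RegOpenKey":
            continue
        key = ev.get("key", "")
        if not LANGUAGE_KEY_RE.match(key):
            continue
        proc = ev.get("image", "").rsplit("\\", 1)[-1]
        score = "low" if proc.lower() in KNOWN_LOCALIZED_APPS else "high"
        findings.append(Finding(int(ev.get("pid", 0)), proc, key, score))
    return findings


# Constructed sample log: line 1 mirrors the report's IoC (PID 884, AcroRd32.exe),
# line 2 is an unrelated key, line 3 is not a registry event, line 4 is an
# unknown binary reading the same key under the CurrentControlSet spelling.
SAMPLE_LOG = [
    r'event="RegOpenKey" pid="884" image="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" key="\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"',
    r'event="RegOpenKey" pid="884" image="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" key="\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0"',
    r'event="ProcessCreate" pid="1532" image="C:\Users\Admin\AppData\Local\Temp\updater.exe"',
    r'event="RegOpenKey" pid="1532" image="C:\Users\Admin\AppData\Local\Temp\updater.exe" key="HKLM\SYSTEM\CurrentControlSet\Control\NLS\Language"',
]


def run_sample():
    """Run the rule over the constructed log; used by the usage block below."""
    return flag_language_discovery(SAMPLE_LOG)


if __name__ == "__main__":
    for f in run_sample():
        print(f"[{f.score}] pid={f.pid} {f.process} opened {f.key}")
```

Run stand-alone it reports the AcroRd32.exe read as low and the unknown updater.exe read as high; in a real pipeline the allow-list would be replaced by signer or path checks, since an attacker can name a binary AcroRd32.exe.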
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c77c591880629f3b590bc6e7c1f13dca_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:884
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 2b7567deee32fe00046e907214742850
SHA1: 8d03ff3f169548ad76df29b3998a624cc9bb4cbe
SHA256: b0c3ac14dd10f7e7fb92ccb9f0ec56cda92d593637d929f728afa38512bb6b27
SHA512: 87a06210c545446be04bd36cff9d6d37becc588a954d8a4f18f7e05b0cbfa582d122244c3f28e8302574576660a5e7b284d3af7938fb22a3a551b95f95ee8cf1