Analysis
max time kernel: 121s
max time network: 125s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 28/08/2024, 21:02
Behavioral task: behavioral1
Sample: c7a595742abdce838d37b7cc2e1cf0d5_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c7a595742abdce838d37b7cc2e1cf0d5_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: c7a595742abdce838d37b7cc2e1cf0d5_JaffaCakes118.pdf
Size: 35KB
MD5: c7a595742abdce838d37b7cc2e1cf0d5
SHA1: 863d5ebc6362a113b532e6fc45b7d35d6751a730
SHA256: 5e6be7419438698206608895df6d3d58ad63d4cd0795ad7a292897b9af7fcce2
SHA512: 53168d31953526a5759d3fcea08a6483524f51b236a2fbb0345ed8da42eb9d1eb054b240c94c0185a3eae68441909257f9de27c68a7b974bd07a3734eb6dc6a2
SSDEEP: 768:bgGzpDBp85QeVk7nK/1plSoFHvPjxsPdSqXhPvEaC+EDuQ89cIQyxU3k36t:kGFFp87ni8qXhPvi+4uj9oyxKk36t
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 1952 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 1952 | Process: AcroRd32.exe
pid: 1952 | Process: AcroRd32.exe
pid: 1952 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c7a595742abdce838d37b7cc2e1cf0d5_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1952
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 0fdffa8fe2beb89ddc7746d33d0b0a47
SHA1: 54da9f1332be0bedea4f38b16041efa43f3cfd2e
SHA256: 9a0d13189f5dd36eb3938b6b234c640e5cff10e159761a473de2f0b5a10ca7a0
SHA512: a1c0cf46b4010fe5ec1d23e243d9a7634c6119f53bbbf35b83349ebf2709eb1e8664652a4198b102148e38d67c912208d06d039ee39a45d679f7dee85d545a8b