Analysis
max time kernel: 121s
max time network: 121s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted: 07/09/2024, 15:18
Behavioral task: behavioral1
Sample: d23bf563ffb5b3d88d4e7c582c010d65_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d23bf563ffb5b3d88d4e7c582c010d65_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: d23bf563ffb5b3d88d4e7c582c010d65_JaffaCakes118.pdf
Size: 35KB
MD5: d23bf563ffb5b3d88d4e7c582c010d65
SHA1: 89d8e79d096d5354b7612ecd5d8729db1f549e3f
SHA256: 3389ad34dd862ced15e5430d08c2244b457d06d3f126c38f10c5108671f06e75
SHA512: c5dc69cdcb01ac5099eb0e5cc8b57024cf9c3114920c3886ccc21c227fa8394b246d120d5ee6dfe5508ec826546da442a14e3fafe733d0fcd3fa895f6db00e57
SSDEEP: 768:FQILw2rLYVp55krTrK4KZbOily71Vhx2tN1saVnVdiF17PDV2GPmSub5E51XuMZu:FQULYV5kfrK4UOily71Vhx2tN1ssnVd7
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID: 2592 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 2592 | Process: AcroRd32.exe (3 occurrences)
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d23bf563ffb5b3d88d4e7c582c010d65_JaffaCakes118.pdf"
PID: 2592
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 52aeacabbfd618b5f3f17cd7dec38fd8
SHA1: f9a6b41e5668ee5cb4ca01d9cf04eebe48277fca
SHA256: 597b7a9de88dcbf29ef175980e189b9c0dff25ca6f30faa17ff1d1d38a43cc87
SHA512: bbb543201e6c3e0e55ecee0956992fa2fbab85b170bd11e74f1a7c7fcb2eae7e0542d8d67103dbf233c071ce8efc3c143ae2db0dcd51555f608dce12f6fa8c17