Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
07/09/2024, 19:31
General
-
Target
d2ad5b609361bd5c6bcb79727444cb5d_JaffaCakes118.pdf
-
Size
46KB
-
MD5
d2ad5b609361bd5c6bcb79727444cb5d
-
SHA1
80110d4364dd7ff74f84de77c084db1b49611643
-
SHA256
328da23f7591cd05b0df95cc522196fd5b3c12954aaf3a60c03addf744c0aa59
-
SHA512
671c36f38cd8a19557554f231d57df6a6bdecf8f9527b99d2b5277b038d95a7c43df4c73c12fbe0b5c91fd78379b54be846255ff72d08529f0a1f70d914da9c7
-
SSDEEP
768:ggGzpD6pzI+M4vtSUUPqPEy3GMRovRMwjt6x3o5cV3U4was0AvquT2BiTzNA96R:tGF2pzIh4vtS2Wkzreq3Lvs00JsiXNAC
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d2ad5b609361bd5c6bcb79727444cb5d_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD558b38418f5de636456f247cb67ead37a
SHA122429c272531c9c556e1f616a273477a0f830ec2
SHA2561ebe359122b203206cdba95b788693c6ffd177172968cddc93c06c90da6f7c7c
SHA5129618259a9bc70d3041a76e2e6eae892fd65ecfe1945e966bca3a1a5cfd1c382180659d92a5eb7ad980408186c74e0c84dfd3238ec26da9becde53becfa6abb3c