Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
07/09/2024, 20:46
General
-
Target
d2ced87a56e92b7a92897e7e7b737312_JaffaCakes118.pdf
-
Size
17KB
-
MD5
d2ced87a56e92b7a92897e7e7b737312
-
SHA1
5a7b0427a6e4eceb01840f32996747c7b0a15b8f
-
SHA256
50a2b0e08dadd25d0e7d0fa624340f6345adf2ff0cef112caf1e23b952b4a316
-
SHA512
42075a2a624c8d98aba4ba51e9f7f6cfd023ac3e7efc3f17e175f1b7e2dc8e3b51f3c2e2c0aa7ac00e9cee1133ef41c820bcbf80b7ac5e90a18f7cd8a15f5215
-
SSDEEP
384:VzAaYaT9P3z1r1jhDO0jSsls6uoIzNdbMVEmUdjCXLQiCDkgIkkYqvLqn4xSmQ2M:Vz+Alz1BjZO0jSslsrxzNdbMVLUdjCXe
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d2ced87a56e92b7a92897e7e7b737312_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD58c2b5836972d2c37ba0bee9983e46bed
SHA16fdc1813934fbb9d0cf09c3b0375421786262176
SHA256e440d690a4149acf42618ff5e67fa13f1c875969ad3971e6d2b0b93e4b66dc8b
SHA512039b1bcad49d52d70336da972a8450a1a6a7aca54a1788a9a9823b095ac7e70937d312b97b1c01c52a487f20415dc4db5c890abf720c4d6f1f6fb77bd8bc724d