Analysis
- max time kernel: 122s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 08/09/2024, 03:38
Behavioral task: behavioral1
- Sample: d3732520db482556c2bd00d3eaed103e_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: d3732520db482556c2bd00d3eaed103e_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: d3732520db482556c2bd00d3eaed103e_JaffaCakes118.pdf
- Size: 44KB
- MD5: d3732520db482556c2bd00d3eaed103e
- SHA1: 4c7ed16f4630b72d472facc487016345a5fe036a
- SHA256: bb5886f2b135523a99c8f8e74aa1ebc725bd17b652df81c21fcfe2103345a6e9
- SHA512: 6eac74fdf49f5ec14afd53b92723463e1ea48a4dc865c1cd5a9af74d891c3a27fd1dae0b98383ee4008e2dbb0630bc485ae5192aa837bdcba31fc0d4b919f9e9
- SSDEEP: 768:qgGzpDX73gGjtBWShf11GJDOUyypoQfQIW4iECrDLDMcCpzBfFd2vJvuifjsvFrS:3GFzD8yFypiIBI/PzIzlFd2duWsvFr+v
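Before trusting a sandbox report for a sample you hold locally, confirm that your copy is byte-identical to the one analysed: the hashes above identify the file, the filename does not. The script below is an added example (not part of the report or the sandbox's own tooling); it recomputes MD5, SHA1, SHA256 and SHA512 for a file, reports every digest that disagrees with the values listed in this report, and applies a quick header check for the PDF format the report assumes. The 1 KiB window for the `%PDF-` header is an assumption based on readers tolerating a small amount of leading junk; the sample bytes used in the usage note are constructed, not the real file.

```python
import hashlib
import sys

# Digests of d3732520db482556c2bd00d3eaed103e_JaffaCakes118.pdf exactly as
# listed in the report's "General" section.
REPORTED = {
    "md5": "d3732520db482556c2bd00d3eaed103e",
    "sha1": "4c7ed16f4630b72d472facc487016345a5fe036a",
    "sha256": "bb5886f2b135523a99c8f8e74aa1ebc725bd17b652df81c21fcfe2103345a6e9",
    "sha512": "6eac74fdf49f5ec14afd53b92723463e1ea48a4dc865c1cd5a9af74d891c3a27"
              "fd1dae0b98383ee4008e2dbb0630bc485ae5192aa837bdcba31fc0d4b919f9e9",
}


def digests(data: bytes) -> dict:
    """Compute every digest the report lists for an in-memory blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def file_digests(path: str) -> dict:
    """Same as digests() but streamed, so large samples are not read at once."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(data: bytes, expected: dict = REPORTED) -> dict:
    """Return {algo: (expected, actual)} for each digest that does not match.

    An empty dict means the blob is the file the report describes.
    """
    actual = digests(data)
    return {
        name: (value.lower(), actual[name])
        for name, value in expected.items()
        if actual[name] != value.lower()
    }


def looks_like_pdf(data: bytes, window: int = 1024) -> bool:
    """True if a PDF header appears near the start of the blob.

    Assumption: readers accept some leading junk before '%PDF-', so scanning
    the first kilobyte rather than only offset 0 is the more useful check.
    """
    return b"%PDF-" in data[:window]


def main(argv):
    if len(argv) != 2:
        print(f"usage: {argv[0]} <sample.pdf>")
        return 2
    with open(argv[1], "rb") as fh:
        data = fh.read()
    mismatches = compare(data)
    print("pdf header present:", looks_like_pdf(data))
    if not mismatches:
        print("all digests match the report")
        return 0
    for name, (want, got) in mismatches.items():
        print(f"{name}: report {want} / local {got}")
    return 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python verify_sample.py d3732520db482556c2bd00d3eaed103e_JaffaCakes118.pdf`; any non-empty mismatch list means you are looking at a different file than the one the signatures below were recorded for, and the report should not be used as evidence about it.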
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID: 1668 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID: 1668 | Process: AcroRd32.exe (three hook installations by the same process)
All three signatures are attributed to AcroRd32.exe, the reader process that opened the sample, and the process list records no child process, dropped executable or network activity. Reading the NLS\Language key and installing window hooks are behaviors a localized desktop application also shows during normal startup, so these hits are generic and low-severity; on their own they do not show that the PDF exploited the reader.
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (PID 1668)
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d3732520db482556c2bd00d3eaed103e_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: ced40eac63f1e57286cf60847cb80b28
  SHA1: 7bfb7c36dc6690ab0555f59bcfd46cd46877c0cb
  SHA256: 5d0a0423db1317c0acd9db832975cf547ef723d7be04c9fbc799c57e7d6a30c6
  SHA512: 4cc911d31bff3f310179775efa5b3ac6d9bab5c35d2eb3a552f2ffce6c7e84e241f9f7332919d00822829f37061cc40307f882ac902937ff4a363152c75c3e74