Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted
09-09-2024 18:21
Behavioral task
behavioral1
Sample
d6dcffcaf1019a196797ce35894a1d15_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d6dcffcaf1019a196797ce35894a1d15_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
d6dcffcaf1019a196797ce35894a1d15_JaffaCakes118.pdf
-
Size
79KB
-
MD5
d6dcffcaf1019a196797ce35894a1d15
-
SHA1
260e499d47a9d3fc5100b39fd29b2873768606d3
-
SHA256
c72d099cfd58dd7f3e717bca5bda1f628f4155049abd16bf3ffe60d60fc778c3
-
SHA512
78984a811d660dac15767a5923aa2ed6ec7ab79bb163d48b3ce432cac05bb524bddab498d63b58403c30d34029dce9a7f9958f353266b1c22a343602567c4f55
-
SSDEEP
1536:xx56B2QFPDyuV6T63u2evYAu9Ru5aA6RX5XyouCFRYa5s4zwUkqvjSd4n2:TO2QFGuW63u2eAAu64RX5Xyo9YOzwUkb
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2388 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 2388 | Process: AcroRd32.exe
pid: 2388 | Process: AcroRd32.exe
pid: 2388 | Process: AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d6dcffcaf1019a196797ce35894a1d15_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2388
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
63094949f40300513e388f7abe699afa
SHA1
96a03f2ae99b04d2c2ecb1c25e4b8867051e3062
SHA256
24e3122c738491ce872f1be8c8ff199ef4ee180d4d77a7313570331bab683be9
SHA512
32a29ccaf2ae33bc663289bd5537dd59e2200bcb7986607b93dfd9d6cfeee343bf53f97b369f84c421cb8a7783d2ecac855d65b5aa9dbe2fed9789c59739c814