Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted
12/09/2024, 02:06
Behavioral task
behavioral1
Sample
dba0981e54d365a55404bff1920bbf23_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dba0981e54d365a55404bff1920bbf23_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
dba0981e54d365a55404bff1920bbf23_JaffaCakes118.pdf
-
Size
82KB
-
MD5
dba0981e54d365a55404bff1920bbf23
-
SHA1
f43a03c2d0e0f0078251845ab940497d4e0c2ecc
-
SHA256
f539044d7c02d04f292477ec000bf85e9e2c19ddb428bbcd5269f967017bf37e
-
SHA512
161cf59c59cc6abfb31a4c872debf7e9294d501f4096b2596759314f603caaa97b602489951c23b7d49e7b4ea8d0366148ea5f63d964c02554a372c83ddb126d
-
SSDEEP
1536:ZVAyiiG8KY6lXKq5/ulA51HoLVmxTnIiWBdiE7lAL/xmR+xWcpOmClj:kijKXaSDoL0NuXA/EEImE
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description    ioc                                                              Process
Key opened     \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language      AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid    Process
2328   AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid    Process
2328   AcroRd32.exe
2328   AcroRd32.exe
2328   AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\dba0981e54d365a55404bff1920bbf23_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2328
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
09c6d7ddb8a95ca3dc401ac4d316835c
SHA1
c4fe4f2585af8f195e6bad03061f06f6fbe9b363
SHA256
fbb7dc30b17342848d3eb14e4106149979ef6686b85f7f239397c68baf04e925
SHA512
9e962f07107aaf076595356f3e2ba065a2d697865d18a32c83df4622b8aa416338e0d2e111cc90b561274978cfae691605699160a0297206dc83137ac4a56be5