Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
12/09/2024, 07:15
General
-
Target
dc0d56da4c6106e3a61455117b48dcab_JaffaCakes118.pdf
-
Size
17KB
-
MD5
dc0d56da4c6106e3a61455117b48dcab
-
SHA1
721b705f2026bd4d499d3db847751a1877d802e6
-
SHA256
5e85dd7e7fd8bce1f3f4f29f1aa8d970c71c10e8d54a94908d347029dd108791
-
SHA512
5661806abdc0c2279020a1680d3ea38a936dfcc9d0282f9a5e2654261c49359511005f60f2356348155de2c87af3687c9ab473d5570196b0df02efb770782ab8
-
SSDEEP
384:0/QON8MUG6Qgw0JZCTzz02YFnarXB2E5HPBxdGh2Tj/xPJh64fO0eRKyH02D04:0XuMZmwgCLWarIE5HpxE43ZhAQ9kvU6f
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\dc0d56da4c6106e3a61455117b48dcab_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD508f4368cf81da23b34a604d1b51af3af
SHA1214a2cedf9d0996ae6253578733b883b4f4002e6
SHA2561a346b25e218e8961ce06673ce9737bb1859a07972621559c0dee1855d036fd8
SHA512e6f473892781cd694c70b5c58884b013771d76e3586333dae0bbcc44beeec80b6145542737976e85db420d88dd374fcd84228aabc3f1a893d391f38c18b5b53c