Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
14-09-2024 23:16
General
-
Target
e13b68ab1140674cc9a0bfe73a67b644_JaffaCakes118.pdf
-
Size
44KB
-
MD5
e13b68ab1140674cc9a0bfe73a67b644
-
SHA1
2e1e72857839cd44bc7f5a7b7cac9e08ec4aba43
-
SHA256
c1b68760234228f252916f71ca96c061415927947c7ee65f4546a0a20071172f
-
SHA512
a0d85db1a4ff4a9b95346eada1bb26974a42e19cefcfe7ae156c13f86fe67429bdf8a8fe6b4d594825ae68d16025d0177880bcea255dd2ef25649244e67d829b
-
SSDEEP
768:UgGzpDfp1pjvWH6lfzyr4Lm5J/eqQ7M5bo/9CiD1zMwiYYrOQPBnB2rk/tNzjWns:hGFjpXDWH6lfzhO5W9xRMwiYYrOQRsru
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e13b68ab1140674cc9a0bfe73a67b644_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5a744d2ab05dff94c6e9d9b1ba375cc58
SHA116bf60eb67fcb6e564562804193681ed3cd31060
SHA256061303e51a2068fa29f9d5b422b0fffbb89a181862813171bab6844625946381
SHA51299ac62293d8edfb7e4579ec0d82b9914e8be36679a94b5dacf07b3765e73f1066fbfe024b3a89e82ab5923ef2c5e224badc46528c21bc69f0548111cdea57966