Analysis
-
max time kernel
94s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
14/09/2024, 22:23
General
-
Target
e1281b7ff394953305ae93a2b25c0327_JaffaCakes118.pdf
-
Size
42KB
-
MD5
e1281b7ff394953305ae93a2b25c0327
-
SHA1
1bee8c33d738a064f49d61089e873c03dc3aa250
-
SHA256
4022f9e8f5a37dabd77f29cd3de2892753b31aa82af39011a618849ebf9828f8
-
SHA512
7a249e8a8d3cf427bdf63c01f67e9c00ca5b74c90d196eda8931daf53f5c1a292376de2fa5b2e12a8f600e160ea4b881b6aef90d3012230d052fc4ad98cd8e4f
-
SSDEEP
768:FgGzpDgt990YeC8NHddbZT6OiL4771zernQa3jmw1B6V5W+sr3FVt2:WGFkaTFiL45eH3jmw7L+sr3FVt2
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e1281b7ff394953305ae93a2b25c0327_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5fc7c18c023e98b35ebc5d66310d481b6
SHA18a4a68e6afd227224e410872ba8c05e7d89a8c9b
SHA256dc5954dca5eefaa0dcfdfab00eeecd889d5a45da864d84259bcb839ace345122
SHA51285a075995da95a314a8b66219a5193e5a8fdfc78e4a046d6a3126619286dc202788ec9336cd99c885da7398318378856fee7e9d43c650b608b458d36646e3fc5