Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
14/09/2024, 22:38
General
-
Target
e12cffb5860568bf321c7b7626cee463_JaffaCakes118.pdf
-
Size
366KB
-
MD5
e12cffb5860568bf321c7b7626cee463
-
SHA1
838b28577ee7c98215994ab7067fd507edc944eb
-
SHA256
8b58e8913fc912151d6301886031dce069eb27fc638e22c8e64e62393a948d53
-
SHA512
170ed586c4c46229a3fd19bbcabdfba2ed4e2966624b598a8a1d9d894ba8074efcf315bde2dee4554f519943e4e78d2407dede18e1dd6005dd310e463b134a53
-
SSDEEP
6144:Ip5IQfTqP7Qqh/6AipwF93RgfHXndjLxRfqmOA8+XV1m6pvMo59T7I:w1Tq5i69BgfNjlJ8+x5T7I
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e12cffb5860568bf321c7b7626cee463_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD519c39cc342407b54f7e28ea9213febdf
SHA15059f69df9178c84bada7b2a9040d86c28c0ad55
SHA2567441f6f86aeb308b155fc705067a67a438fc7f5b94230c89f3ded9e13539286f
SHA5124f6b9f3799568b360bfa9c390e16580c6b33ddc34ba73772abebb7f0510b9cb6b22885afdf0ef294cac9e8845ae974251b0a80075e0a71f338029df23cf0564c