Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
15/09/2024, 07:07
General
-
Target
e1f30451d6529524c76193d2c7b4ca45_JaffaCakes118.pdf
-
Size
88KB
-
MD5
e1f30451d6529524c76193d2c7b4ca45
-
SHA1
066ae78da4b39a5de371ac232c171803608121ff
-
SHA256
5a27dd2d9aa87908f57a8fc34d7ed5ba0660673199a58a415147b0b2aceea383
-
SHA512
308a881428a509801c254f67e8b5b838c410d1fc70c6b3b057b788f019d96cc794914589e089e0e06bceb524d6fba26c3d986e1dac8561827eec60e437833be0
-
SSDEEP
1536:3mTyq95DBykdSP3Z0lzFdrlnU9f9AOhX1fuEX7Z8qBZ+l/2zLw/SHWhHNDmCV:WTyq8kds3Z2zTOf93vOwgl/sLw/SKHN7
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e1f30451d6529524c76193d2c7b4ca45_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD59a9ef1406a06c6b140ec1f8163726cb0
SHA1a39981c9ed5bc9b4077370c0a0ed2e474dee36f8
SHA256585f6e94f5776aaf096709d9ad51e6d97a89a6d34281155a10e9dfd30fe30baa
SHA5124b6e0afd747941e6fdf2f0519a3e6b829b67789a182e73cd90d057ade28b7526af996dd12e4ee8209dbd291c38cddf5ee779347a003646862f382cb6cc1e01a2