Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system -
submitted
19/09/2024, 03:04
Behavioral task
behavioral1
Sample
ea77a1876d95b39b7b3dc652cc83dd70_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ea77a1876d95b39b7b3dc652cc83dd70_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
ea77a1876d95b39b7b3dc652cc83dd70_JaffaCakes118.pdf
-
Size
47KB
-
MD5
ea77a1876d95b39b7b3dc652cc83dd70
-
SHA1
ee696c1ceb43cd9d16fc6db845ddb9aca43f27a7
-
SHA256
9c0cceccbf7fc28c58550beb92875220ac7a14f8585526ecda32a11bdd7d052c
-
SHA512
e32e2e10770a4ac601f2530de0a86ca07dd3864bbd5f95b1e11d0d187ed62e69a4853919ef047d5a0ebfc6a35401315b18d988b67e4c2dccf8f03fbf0ada9377
-
SSDEEP
768:5sgGzpDz8dCNutgYYAxZbESNXjb9u0g42Pxu+VXrTOy0ZMLEJBt39gPWG7J:5pGFXCcutgGbEKX9u0hmbLcB19gPWG7J
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim host in order to infer its geographical location.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid | Process
2068 | AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid | Process
2068 | AcroRd32.exe
2068 | AcroRd32.exe
2068 | AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ea77a1876d95b39b7b3dc652cc83dd70_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2068
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5 f3da8a6d755b50d054b9a5ede1289479
SHA1 7eb76786f67ba979ac842b7b99e90aff0acde1aa
SHA256 22e6d26233cd9ff5a444f2cd8d2726e456ef90401bceb3a89660daa44c668fd1
SHA512 0870a4e5b532bbac088e7ca8fd8958b9ce036c42e3b38f6846068d468445febeb0a3a5ddc075ff170dc7faf61f2ea4d0dd467966491255f0e601f6645903df0f