Analysis
- max time kernel: 122s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 19/09/2024, 04:26
Behavioral task: behavioral1
- Sample: ea94d7c5873fb42a247f0c8ce20a8e1c_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: ea94d7c5873fb42a247f0c8ce20a8e1c_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: ea94d7c5873fb42a247f0c8ce20a8e1c_JaffaCakes118.pdf
- Size: 39KB
- MD5: ea94d7c5873fb42a247f0c8ce20a8e1c
- SHA1: d4bac54cc9197a8f81c645f4ed41f69ca3a9e6a7
- SHA256: 2315d1a3f98f635a5de55edeb88c255655adea5ebef85ba3702e278e9dde123e
- SHA512: 1702d545a611bf1c2ff28f9281ce84f6d3470174f6f5d41332a1e6e24871a022e56ed43025d3315b985241ff2b6628b624555e9b1fb6cc22652fd01ce1cceb97
- SSDEEP: 768:TgGzpDKp0y0eHJca7l4FdaBrPyljMUmaiYftysgzVJTt+Q0VPrxPteWvg6:sGFep97yljDma3VKhQtxPIWI6
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid: 1984 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 1984 | Process: AcroRd32.exe (three occurrences, all from the same process)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ea94d7c5873fb42a247f0c8ce20a8e1c_JaffaCakes118.pdf"
  PID: 1984
  Signatures triggered:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: e3cb39cdb9857904ea8c4c4a19c52e9f
  SHA1: f55e19582cdcbb32d3cb85342645e58f03475b94
  SHA256: 876e540a30d86cf359fa591580067ed18355f47bb87f152820dbdf6013c6b833
  SHA512: e6b01828e2d75aab8c604970e877b587032a3b375d9eea59f961626ec67e02d86781358dc27c123603063e38d80edd9c823f69749e3e864e3ea209bdbc09f4c9