Analysis
Max time kernel: 122s
Max time network: 126s
Platform: windows7_x64
Resource: win7-20240903-en
Resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
Submitted: 19/09/2024, 04:02
Behavioral task: behavioral1
Sample: ea8cd6888e99c453d70e745561d2069d_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ea8cd6888e99c453d70e745561d2069d_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: ea8cd6888e99c453d70e745561d2069d_JaffaCakes118.pdf
Size: 79KB
MD5: ea8cd6888e99c453d70e745561d2069d
SHA1: 55fc9c6da3a1c62d4275d20e05824771b9531bc5
SHA256: dac1585928c65662eeef45ff5178a5f4c46eda796f183d2eb3932890ecfc1831
SHA512: 55d080ab71eac75fd570b173a4e5fdd8012ac5687f8a65b8e3e84b3cff604c8e99a507db700b818ef03437353d449b516ef56dbbb8bc6eea8ccf7148f26e801c
SSDEEP: 1536:PrNRbc35HIFiFqVWrO1YkOl7taei1byhFgT8WkNpOPZpyBWIOBNy:T7SHc4qV8OjOlhE1ehFIxP/ydOm
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  Description: Key opened; IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  PID: 2316; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID: 2316; Process: AcroRd32.exe (3 occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ea8cd6888e99c453d70e745561d2069d_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2316
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: e79ad7433e88dfbcd1992e560cda5020
SHA1: ba7d76027fcb54fc4800c69c9e68774e3a2a1ff1
SHA256: 42d9b1f809cbd3c2447b482296f4ce66cc307f4d59cc47a7274f3b5be8a984b8
SHA512: a0c5d5c5b4054182aa44bf8224e8d664467ab72be720ecddbbdaee58b582d2251bbd55bf177a5b90c9d8143b6083f871b24dc42638b91a46fc4b70fab76932cd