Analysis
- max time kernel: 121s
- max time network: 126s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 19-09-2024 05:28
Behavioral task: behavioral1
- Sample: eaac0f60078ed3338585225164df2891_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: eaac0f60078ed3338585225164df2891_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: eaac0f60078ed3338585225164df2891_JaffaCakes118.pdf
- Size: 85KB
- MD5: eaac0f60078ed3338585225164df2891
- SHA1: d3e0179eade51e61d1c16f69aba073709d4bc3cf
- SHA256: 08ff2036e456758330bdeb0b7a1e9575ce860c7b94d949065f9cfcfe12098905
- SHA512: 353d032f829816224646081eb27947aab96c30e3cf657682d149ed54cc1927209decd33a6f50b6fc38e6a5bbf384bab9e28b6a078573f761b7b5c63e2d776e1a
- SSDEEP: 1536:+psmlqoaGWEMbuwrmdHdX2DIkdp/fIq4riPidv7KWBJFqwh7+Sw6EEOK:CsmjkoHx2RD/14rwidv7KWjMSw6EC
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 3028 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 3028 | Process: AcroRd32.exe
  pid: 3028 | Process: AcroRd32.exe
  pid: 3028 | Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eaac0f60078ed3338585225164df2891_JaffaCakes118.pdf"
  PID: 3028
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
- MD5: 65e1ee82b42c09bb561b5fbac66097db
- SHA1: 7a2b18ebc930f33cecb808f9c155df113e8fcc2c
- SHA256: 28edb40f558e908ead6ae8a146e186caea39e7506aab5c7e7452a9cc0e03c2b3
- SHA512: 277af973ec8c9ac9f1e1e74048b8124faf3716c139295e56ad90fe9d4ae7939044c2b7ee4097abc0e431fa3ef2f64bf0af35cff4178b6f4297c9df66fcb03302