Analysis
max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
19-09-2024 05:34
Behavioral task
behavioral1
Sample
eaae1ddb0e2d083ee1f7a655975a8fde_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eaae1ddb0e2d083ee1f7a655975a8fde_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
Target
eaae1ddb0e2d083ee1f7a655975a8fde_JaffaCakes118.pdf
Size
51KB
MD5
eaae1ddb0e2d083ee1f7a655975a8fde
SHA1
61adb229ee438fc7d544db41d5ed7969fc0b6d80
SHA256
5127f88b4602de27f37efc0bdf716b6967d8634c3b8850f3eb24d886baa4f33f
SHA512
9e59534df2b52a99bd15de917e0a496011c3e66673e8e5bd6ab446ef0c6aa90a3af08bf9c68e88a25c5cfbf7c10e92440e154877b0276ffa79b242f824e6d74f
SSDEEP
768:KgGzpDXhuybSfHHl/ayqR5STA9xrkI1sKM2rYi1TFQSRdz8dd9FQVvDmxbqUVxtd:XGF7huYw0WK3UO8dd9Wyx2UT87E
Malware Config
Signatures
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim host in order to infer its geographical location.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
PID: 2848  Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
PID: 2848  Process: AcroRd32.exe (3 events, all from the same process)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eaae1ddb0e2d083ee1f7a655975a8fde_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2848
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize
3KB
MD5
ccf9aad96a60fb6c705df5649118fafd
SHA1
fced80d03a1fcce4e36927d447f72d1430d8463a
SHA256
eb3a0add988d1d90a1d691ff85a48982732b5caaf85690eace2d5cbfd70bc974
SHA512
e2928a3b471ef78414c0ad2039ca0b923d8d2714f03c36b4372bc1e8096135717ee909fe82aff391b3d94910c8e35834e57c8cb58b3df91fbecc16fdee590dcc
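The report extracts no malware config, records no network activity, and its three signatures are generic behavioural heuristics, so the digests in the General and Downloads sections are the only hard facts an analyst can act on. The script below is an added example, not part of the sandbox report: it embeds the MD5/SHA-1/SHA-256/SHA-512 values listed above for the submitted PDF and for the 3KB downloaded artefact, recomputes them for a local file, and reports which digests match, so that a file pulled from quarantine or a ticket attachment can be tied to this exact report before its findings are reused. The file paths and the label "downloaded_3kb_artifact" are assumptions; the report names no location for either file.

```python
"""Tie local artefacts to the digests in the sandbox report.

Added example (not the sandbox's own tooling). Digest values are copied
from the report; paths are supplied by the caller and are assumed.
"""
import hashlib
import sys
from pathlib import Path

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
HEX_LENGTH = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# Digests as printed in the report. Sizes are whole KB in the report, so
# they are only compared loosely (see verify_file).
REPORTED = {
    "eaae1ddb0e2d083ee1f7a655975a8fde_JaffaCakes118.pdf": {
        "size": 51 * 1024,
        "md5": "eaae1ddb0e2d083ee1f7a655975a8fde",
        "sha1": "61adb229ee438fc7d544db41d5ed7969fc0b6d80",
        "sha256": "5127f88b4602de27f37efc0bdf716b6967d8634c3b8850f3eb24d886baa4f33f",
        "sha512": "9e59534df2b52a99bd15de917e0a496011c3e66673e8e5bd6ab446ef0c6aa90a"
                  "3af08bf9c68e88a25c5cfbf7c10e92440e154877b0276ffa79b242f824e6d74f",
    },
    # The report gives no filename for the downloaded file; label is assumed.
    "downloaded_3kb_artifact": {
        "size": 3 * 1024,
        "md5": "ccf9aad96a60fb6c705df5649118fafd",
        "sha1": "fced80d03a1fcce4e36927d447f72d1430d8463a",
        "sha256": "eb3a0add988d1d90a1d691ff85a48982732b5caaf85690eace2d5cbfd70bc974",
        "sha512": "e2928a3b471ef78414c0ad2039ca0b923d8d2714f03c36b4372bc1e8096135717"
                  "ee909fe82aff391b3d94910c8e35834e57c8cb58b3df91fbecc16fdee590dcc",
    },
}


def check_reported_table(table=REPORTED) -> list:
    """Return a list of (name, algorithm) pairs whose digest is not well-formed
    lowercase hex of the right length. Catches copy/paste damage before any
    comparison is trusted; an empty list means the table is clean."""
    bad = []
    for name, entry in table.items():
        for alg, length in HEX_LENGTH.items():
            value = entry.get(alg)
            if value is None:
                continue
            hex_ok = len(value) == length and all(c in "0123456789abcdef" for c in value)
            if not hex_ok:
                bad.append((name, alg))
    return bad


def compute_digests(data: bytes) -> dict:
    """Hex digests of `data` for every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def verify_bytes(data: bytes, expected: dict) -> dict:
    """Return {algorithm: matched} for each digest present in `expected`.
    Case-insensitive; algorithms absent from `expected` are skipped."""
    actual = compute_digests(data)
    return {alg: actual[alg] == expected[alg].lower()
            for alg in ALGORITHMS if alg in expected}


def is_same_artifact(result: dict) -> bool:
    """True only when every compared digest matched and at least one was compared."""
    return bool(result) and all(result.values())


def verify_file(path, expected: dict) -> dict:
    """Hash a file on disk and compare it with one REPORTED entry.
    The report rounds sizes to whole KB, so size passes if within 1 KiB."""
    data = Path(path).read_bytes()
    result = verify_bytes(data, expected)
    if "size" in expected:
        result["size"] = abs(len(data) - expected["size"]) < 1024
    return result


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-pdf> [<path-to-downloaded-file>]
    problems = check_reported_table()
    if problems:
        sys.exit(f"malformed digests in REPORTED: {problems}")
    for path, name in zip(sys.argv[1:], REPORTED):
        result = verify_file(path, REPORTED[name])
        verdict = "MATCH" if is_same_artifact(result) else "MISMATCH"
        print(f"{verdict} {path} vs report entry {name}: {result}")
```

Run it with the quarantined PDF as the first argument (and the 3KB download as the second, if it was recovered); a MISMATCH on any digest means the file on disk is not the one this report describes, and nothing in the Signatures or Processes sections should be attributed to it.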