Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 19/09/2024, 04:41
Behavioral task: behavioral1
Sample: ea9af4b075bb6f5abf6f7196eabf2ac0_JaffaCakes118.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: ea9af4b075bb6f5abf6f7196eabf2ac0_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: ea9af4b075bb6f5abf6f7196eabf2ac0_JaffaCakes118.pdf
Size: 44KB
MD5: ea9af4b075bb6f5abf6f7196eabf2ac0
SHA1: b705c628f188caf762c66d6e0fa5f05304a9d57f
SHA256: ff4188c3081cff2e899d491cfa36ee71526e1f6f6b724846e4d921c39f8c46a0
SHA512: 0743a574ebab10c462fe2436af6f85db86d575266325ead21f6f1cbfb765e730d4ef0065338e9fa1eb38e9917eb2772b2d0c1719682853ec7cb50c03fab1731d
SSDEEP: 768:ogGzpDyBVksi8ZK1CH171DlLZ5O+IgJnTee7asyQFtr0GE5csMMe110agac:lGFmvg1AnTee7QQnw5coej07ac
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid 2812, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2812, process AcroRd32.exe
  pid 2812, process AcroRd32.exe
  pid 2812, process AcroRd32.exe
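All three signatures above are attributed to the single AcroRd32.exe process (PID 2812) that opened the sample; the report lists no child processes. The following is an added example, not code from the sandbox vendor or from this report, showing how those three behaviours can be evaluated over a process event stream: the NLS\Language registry open from the IoC (accepting ControlSet001 or the CurrentControlSet alias), a per-process GetForegroundWindow call count, and one IoC per SetWindowsHookEx call so the counts match the report's "N IoCs" style. The event tuple format, the threshold values and the sample events are constructed assumptions; the report does not publish the sandbox's own cut-offs.

```python
import re
from collections import Counter, defaultdict

# Registry key from the report's IoC. The VM booted ControlSet001; CurrentControlSet
# is the symbolic alias for whichever set is live, so both spellings are accepted.
NLS_LANGUAGE_KEY = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})"
    r"\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

# Assumed thresholds for this example; the report does not state the sandbox's own.
FOREGROUND_SPAM_THRESHOLD = 50   # GetForegroundWindow calls per process
HOOK_THRESHOLD = 1               # any SetWindowsHookEx call is reported

SIG_LANGUAGE = "System Location Discovery: System Language Discovery"
SIG_FOREGROUND = "Suspicious behavior: GetForegroundWindowSpam"
SIG_HOOK = "Suspicious use of SetWindowsHookEx"


def evaluate(events):
    """Evaluate the three signatures over (pid, process, kind, value) events.

    kind is "regopen" (value = registry key path) or "api" (value = API name);
    this event shape is an assumption of the example, not a sandbox format.
    Returns {pid: {signature: [ioc, ...]}} with one IoC per matching event.
    """
    procname = {}
    reg_hits = defaultdict(list)
    api_calls = defaultdict(Counter)
    for pid, process, kind, value in events:
        procname[pid] = process
        if kind == "regopen" and NLS_LANGUAGE_KEY.match(value):
            reg_hits[pid].append(value)
        elif kind == "api":
            api_calls[pid][value] += 1

    findings = defaultdict(dict)
    for pid, keys in reg_hits.items():
        findings[pid][SIG_LANGUAGE] = [f"Key opened {k} {procname[pid]}" for k in keys]
    for pid, counts in api_calls.items():
        fg = counts["GetForegroundWindow"]
        if fg >= FOREGROUND_SPAM_THRESHOLD:
            findings[pid][SIG_FOREGROUND] = [f"{fg} GetForegroundWindow calls by {procname[pid]}"]
        hooks = counts["SetWindowsHookEx"]
        if hooks >= HOOK_THRESHOLD:
            findings[pid][SIG_HOOK] = [f"pid {pid} {procname[pid]}"] * hooks
    return dict(findings)


# Constructed event stream: the reader process from the report (PID 2812) plus a
# benign process that touches neither the NLS key nor SetWindowsHookEx.
SAMPLE_EVENTS = (
    [(2812, "AcroRd32.exe", "regopen",
      r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language")]
    + [(2812, "AcroRd32.exe", "api", "GetForegroundWindow")] * 60
    + [(2812, "AcroRd32.exe", "api", "SetWindowsHookEx")] * 3
    + [(1120, "explorer.exe", "api", "GetForegroundWindow")] * 2
    + [(1120, "explorer.exe", "regopen",
        r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Session Manager")]
)

if __name__ == "__main__":
    for pid, sigs in evaluate(SAMPLE_EVENTS).items():
        for name, iocs in sigs.items():
            print(f"{pid} {name} ({len(iocs)} IoCs)")
            for ioc in iocs:
                print("   ", ioc)
```

Run stand-alone it reports only PID 2812 with the same three signatures and IoC counts as the report. Note that all three behaviours are also exhibited by a PDF reader doing ordinary work (locale lookup, window hooks), so on their own they rank the sample as suspicious rather than malicious; the thresholds are what separate the two.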
Processes
Path: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ea9af4b075bb6f5abf6f7196eabf2ac0_JaffaCakes118.pdf"
PID: 2812
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 1c892d05ad14e7ad10da5b00d1fae234
SHA1: d51ea782d54ebe504c06acbfd08a288e960003d0
SHA256: 779831ccbb0124eefb25d2f1aecd9d0a5824b9551173bbfa78241f3cc4116a82
SHA512: 11cd688d1fc74fc3eb722f9d7c96f36669816b5e8dce6170aceba35dc7125f48d0aa1b16f42373d3f397a5bc137a7c8da61c4a454e187ed697ca48b6a6018900