Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 19-09-2024 04:53
Behavioral task: behavioral1
Sample: ea9f48504c832a480bc362af0410ad49_JaffaCakes118.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: ea9f48504c832a480bc362af0410ad49_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: ea9f48504c832a480bc362af0410ad49_JaffaCakes118.pdf
Size: 47KB
MD5: ea9f48504c832a480bc362af0410ad49
SHA1: a781c4d7373938fd5c0ec1d946c1ced742e3ce24
SHA256: 1fa7a9352649fbae997ab063606336828590099f37dd8463c4871165d76171a8
SHA512: be45a0e683e6d89a0dc927df34513e65fbcc7e920947b645a54bed6c0b9a381ccb1a04a4fdb22fa0c925880fa0725a1e009360f24c91f0ccc71c38fbbe645be9
SSDEEP: 768:zogpRdEvXsaJ1jH87KmhhK++fiHsnGrcIlNtVxmKbJJb5orvpXW0u/CB67Lb6zR+:zocEv8GhH87Km/15HUIft3F1R5URWDh7
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid | Process
1956 | AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid | Process
1956 | AcroRd32.exe
1956 | AcroRd32.exe
1956 | AcroRd32.exe
1956 | AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ea9f48504c832a480bc362af0410ad49_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1956
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 4c5c76f458f2097b8b3d8c0f987c7e84
SHA1: 7be5caf5c0f7ff77ade2b44daa85703f7071d869
SHA256: 0ebf9e6fd056a8bfb7bb1bbe58024f67bf87a3150fd4b51f841a984142049c74
SHA512: ccc67714469550e78b308b2c23dab0aa93b20edc72d6b602d0036dfe6744b1a69464170d834e69e15f99c09f2e4d943aa25ced39afd27d705e1dde19cceee6f9