Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted
19-09-2024 06:21
Behavioral task
behavioral1
Sample
eac01932363d4fce50be4e658a46a4b2_JaffaCakes118.pdf
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
eac01932363d4fce50be4e658a46a4b2_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
eac01932363d4fce50be4e658a46a4b2_JaffaCakes118.pdf
-
Size
40KB
-
MD5
eac01932363d4fce50be4e658a46a4b2
-
SHA1
dde7f5ff805576cf2169c5bb378fcfe6c0c34c00
-
SHA256
c41ba0a598ff6549d995a0802b897c66d4567894cb0c210c6d67a67d30d54ee8
-
SHA512
1d5ee410bf3daa3dbbb461c6c8b15ec7b01c2a6267d7f812e624276faadaaeeef2a1ebe59ca74c872cca06c23c9cbf0870ecce79aca958d6620d9169e97e77e0
-
SSDEEP
768:bamUJvt/7FhYjx2+E1/aVxV0iT11PZVcGMm3uaDQFaGF52kJFbj1f/gDlyt96zGm:bAdtDzk0D1/sxV0iT11PZVcGMm3uaDQg
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of the victim host in order to infer its geographical location. Opening this key is also part of ordinary locale lookup by many applications, so on its own the signature is weak evidence of malicious intent.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2596 Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 2596 Process: AcroRd32.exe (3 IoCs, all from the same process)
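The three signatures above are pattern rules over the sandbox's per-process event stream. The following is an added illustrative re-implementation of those rules, not Tria.ge's own signature engine; it runs over a constructed event list in a Tria.ge-like shape, and the GetForegroundWindow spam threshold is an assumed value, since the report does not publish the real one. The MITRE mapping T1614.001 is the ATT&CK sub-technique for System Language Discovery; the other two signatures carry no ATT&CK ID in the report.

```python
import re
from collections import Counter

# Constructed sample events (not taken from the report). Each event is one
# registry key open or one API call attributed to a process.
SAMPLE_EVENTS = (
    [
        {"pid": 2596, "process": "AcroRd32.exe", "kind": "regkey_opened",
         "value": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"},
        {"pid": 2596, "process": "AcroRd32.exe", "kind": "regkey_opened",
         "value": r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Adobe Acrobat\9.0"},
    ]
    + [{"pid": 2596, "process": "AcroRd32.exe", "kind": "api_call",
        "value": "SetWindowsHookEx"}] * 3
    + [{"pid": 2596, "process": "AcroRd32.exe", "kind": "api_call",
        "value": "GetForegroundWindow"}] * 60
    + [{"pid": 1044, "process": "explorer.exe", "kind": "api_call",
        "value": "GetForegroundWindow"}] * 4
)

# Match the NLS\Language key regardless of ControlSet number or hive casing.
NLS_LANGUAGE_KEY = re.compile(r"\\Control\\NLS\\Language$", re.IGNORECASE)

# Assumed threshold: the report does not state how many calls count as "spam".
FOREGROUND_SPAM_THRESHOLD = 50


def sig_system_language_discovery(events):
    """T1614.001: a process opened the NLS\\Language registry key."""
    hits = [e for e in events
            if e["kind"] == "regkey_opened" and NLS_LANGUAGE_KEY.search(e["value"])]
    return {
        "name": "System Location Discovery: System Language Discovery",
        "attack": "T1614.001",
        "iocs": [(e["pid"], e["process"], e["value"]) for e in hits],
    }


def sig_setwindowshookex(events):
    """Every SetWindowsHookEx call is reported as one IoC (the report lists 3)."""
    hits = [e for e in events
            if e["kind"] == "api_call" and e["value"] == "SetWindowsHookEx"]
    return {
        "name": "Suspicious use of SetWindowsHookEx",
        "attack": None,
        "iocs": [(e["pid"], e["process"]) for e in hits],
    }


def sig_getforegroundwindow_spam(events, threshold=FOREGROUND_SPAM_THRESHOLD):
    """Flag a process only when its GetForegroundWindow call count reaches the threshold."""
    counts = Counter((e["pid"], e["process"]) for e in events
                     if e["kind"] == "api_call" and e["value"] == "GetForegroundWindow")
    return {
        "name": "Suspicious behavior: GetForegroundWindowSpam",
        "attack": None,
        "iocs": [proc for proc, n in counts.items() if n >= threshold],
    }


def run_signatures(events):
    """Run all rules; keep only the ones that produced at least one IoC."""
    results = [
        sig_system_language_discovery(events),
        sig_setwindowshookex(events),
        sig_getforegroundwindow_spam(events),
    ]
    return [r for r in results if r["iocs"]]


def process_summary(events):
    """Map pid -> sorted list of signature names, as the Processes section shows them."""
    summary = {}
    for result in run_signatures(events):
        for ioc in result["iocs"]:
            summary.setdefault(ioc[0], set()).add(result["name"])
    return {pid: sorted(names) for pid, names in summary.items()}


if __name__ == "__main__":
    for result in run_signatures(SAMPLE_EVENTS):
        print(f"{result['name']} ({result['attack'] or 'no ATT&CK ID'}) "
              f"{len(result['iocs'])} IoCs")
        for ioc in result["iocs"]:
            print("   ", ioc)
    print(process_summary(SAMPLE_EVENTS))
```

Note that explorer.exe's handful of GetForegroundWindow calls stays below the assumed threshold and is not flagged, while the single NLS\Language open is enough to fire the discovery rule; that asymmetry is why the language signature needs the context of the other behaviours before it means anything.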
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eac01932363d4fce50be4e658a46a4b2_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2596
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
f3e7758bd5275c4e9d9fc7eb7239a1c2
SHA1
2520ebb34ad3388c1b514b1798c2c9b9cbf0af61
SHA256
4945ef3bd87faec3fa6f1c18419620d871bdecc85223735451c496ba4bd7c00d
SHA512
fbfcce27e5fd16e75b55d3cff4282a006702060edbc6e5f8e1d3365b6d0af753993f8dcda2ac2808e3c048cf44229d5ab7b3595f7322a43f6121199b4bc59ae2