Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
19-09-2024 06:29
General
-
Target
eac30ee7757cba163adfdd4d2984739f_JaffaCakes118.pdf
-
Size
64KB
-
MD5
eac30ee7757cba163adfdd4d2984739f
-
SHA1
54f29fc12764a488f3ef2a71d67132b2f0c7cac9
-
SHA256
aad4a3bdc63c14752922279662b0e6a43d3d313939f154b700a4811a6182d838
-
SHA512
14c96e538338412568b301d89d85ecc114632e46ca47bc9a9a679e616c5a8a41524b3b5d23057633a9a57b66cc940b2be6036e8fecc71550218583162273fc0c
-
SSDEEP
1536:oGFxpyyuvwLcN5Y7Sq7TwNQeavWHn9+wvyvSd:FFxpyyuvxvqfwaJvmnY+yI
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eac30ee7757cba163adfdd4d2984739f_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50e4e0c9257a7b24d95efe4d290f5034d
SHA1613d505b1035e06c9c8aa0ad876e498ee4d45403
SHA256d51fd9aa9dc7c7c34626b07dcfb48f47f09a1a291a568905d79b85488f5557e5
SHA5128b2c9b07ad01d7aaab19fc2cc7893dd21a201c61eb2769d1205da3840c73ba586ccce77160a82a906293cd08ee518c0bd6fe6d0609f6fad3eb3d0fa2a14a0559