Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 19-09-2024 07:13
Behavioral task: behavioral1
Sample: ead3a8442de90878dfc80cb741ece900_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ead3a8442de90878dfc80cb741ece900_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: ead3a8442de90878dfc80cb741ece900_JaffaCakes118.pdf
Size: 94KB
MD5: ead3a8442de90878dfc80cb741ece900
SHA1: abd0572aefaff7fa74d79753bf110abc079dd9e0
SHA256: 34d28ee775911d2ff97d03b8c63d29201501ee62f3f3166d7509ffe4e8da4dcd
SHA512: 3157eac399b6735c91db5f46a55ba8c73037c5cdbc4e4ac23505bca0fe20102cb9e96320dcd46d080d8582ae1c9c75e98503b88feb30b0c5e61cb193cce2e999
SSDEEP: 1536:Tovsk/9JVxROe+nKAWRiVVdgJ6ekg4HJFYsvw+1GHdEG4WHpOvTW6ITyW+/V40LD:Fk/9JVW/nGUVV2PPOwOGHxgvOQd40LPL
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2228; process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2228; process: AcroRd32.exe (all 3 IoCs from the same process)
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ead3a8442de90878dfc80cb741ece900_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2228
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: f0cf7593c7238d2304ad023352e4512a
SHA1: 6ae8c81bf2b0cb0965365832276bd4ef004b1a31
SHA256: 3a038a16193ec88ab2c458196e61cb5a93611359577f5db87a3a9108db995743
SHA512: 0d65919d9892785db45a669fdde1dfda8b82cdc09c41ecab0a4f3a5825b89120599b15ee24c954b6ae099ce60fa0eeb8929602ca48b2e3bb763d53af34455475