Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
19-09-2024 07:05
General
-
Target
ead0ed2b4e630e790c392659b238ba34_JaffaCakes118.pdf
-
Size
86KB
-
MD5
ead0ed2b4e630e790c392659b238ba34
-
SHA1
428754023e5c28b8cc8b2b67aa1b11ca37bcf28c
-
SHA256
f1cdb0a4a3a52c12aa4f494ef1d9e4e6fa7b97e95b1f47e4379c1cdd24aae275
-
SHA512
f71471cf28a412e698546da23758e4c36b45800f93f1c2fc287ead4c5842fdd1dbc9f385044b9ec102087d327ba4ed081f13491a1f423f68dca6ddb09f44bc2e
-
SSDEEP
1536:O0o9E9aZr4NTn2fA+ZcyAM6yJEnRPuUl1RZW8ap542wWQpOCBqT:Q9E894tn2fAWpP68Opl1Ruq2fCk
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ead0ed2b4e630e790c392659b238ba34_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD59e2a58a00690f366bd1ecbc2b30e8759
SHA111894c18bd4c98ca3f885b7d68c3c72213d50095
SHA25689ee44a51731045676d4a064a7812f5d855119c22430193c756e47a67f2ac463
SHA5128203661f036db6bbe7ff0a076f0561b2d57b6291ccb19cb4142a0309bb0e996407ca03d85f871dd239c6329b76387cb985a3730a34e332b7e47ab2c91244d051