Analysis
-
max time kernel
122s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
21-09-2024 20:49
General
-
Target
f096198ab529bb85ad9d88dfab53dacf_JaffaCakes118.pdf
-
Size
40KB
-
MD5
f096198ab529bb85ad9d88dfab53dacf
-
SHA1
67c0ced642938182b613adcda508f2f763d73dee
-
SHA256
68d84f1d1e6365f7764e88ceb194169d1ffd981b418c6a1de10ed902c590d703
-
SHA512
dfca5577735fa7412492856e57bb6e8797ab32ef0b4ec827827b0b4543151e329c08d24f4140c69f5622d10ea9715cc6988b992d0f82b7085a66a0fdd73a022e
-
SSDEEP
768:/gGzpDnp8KeE5pcW36JBij7+FXKoakNhXt+snSF2kJHDJBiIjNcBs+c6oJg:IGFzpfCFauNZQfF26j/cBc6oJg
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f096198ab529bb85ad9d88dfab53dacf_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD54a79e3662e8ddb9212fa7b52b2a8716a
SHA1eef46e623d9bf24a1f2fc35be376808df92ca942
SHA256c22be3e067f1e999561dd6f4f1964ff7de8b59be0ac4df565caee7b91784669b
SHA51277eca88de77515973612b178759167a5ba4f3c6d0700e522fa7f3e813e9ee6fcc9f3a01492b30b6806c92ffea60dec4c5f192134d25e1588daf9f2302acb575d