Analysis
max time kernel: 120s
max time network: 124s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 25-09-2024 17:05
Behavioral task: behavioral1
Sample: f676cfd216a078f2b1e85e911abc1681_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f676cfd216a078f2b1e85e911abc1681_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: f676cfd216a078f2b1e85e911abc1681_JaffaCakes118.pdf
Size: 37KB
MD5: f676cfd216a078f2b1e85e911abc1681
SHA1: 0ea3a3448014b566cc2b7eca0577b5f8ef535e79
SHA256: d4ba78eb90f8dca9c59c41df2d4397580eaa00d8dcbf960ff48400e9a1a4fc07
SHA512: 84fd83cc3314166981a174f9d34207f9f02e56dad3bf16cd0d2e4c5b263328792927aa7fe89c733d398462765cc3c7558dec90b86ca4964c5aef57e3ef98210c
SSDEEP: 768:KXuMZmwgCLWare9RQmxAEfjZd2pbClUQAPMHtFSjJayj:KXFZmGWSUxA6INLP0QjJayj
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2712 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2712 | Process: AcroRd32.exe (3 occurrences)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f676cfd216a078f2b1e85e911abc1681_JaffaCakes118.pdf"
  PID: 2712
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: e0e826220eba5c5d3ff8854e0d8638cf
SHA1: f2d6c5f70fb0f1876bf1e9b83686b3717603bad4
SHA256: aa0a8242b6063ad21dc27d03f1445a73a5c0443696821c1e73989d11ee17ad33
SHA512: 240d36431d276505612dae8fcd3693154ad3efe9edd6c2bec433d843ee0190c9acb8b09866ad280b02bd867a8e29865c65bdbbe0fb124ee475997e2c942cdc53