Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
30/09/2024, 13:43
General
-
Target
01a1eee69af030e76c7e505d06c2e081_JaffaCakes118.pdf
-
Size
78KB
-
MD5
01a1eee69af030e76c7e505d06c2e081
-
SHA1
a0da2f5cbd01eaa772c96a93f0cc3f398ce0d1a8
-
SHA256
9e30cbb8c7d8339e4c489b673ca31a8fe4a1413edfdbe3c75f9c8a5cea1a7037
-
SHA512
6e127ecc01636b58aac4267b9d0a1a040fd46cbd1b306b349dd6dc8897e0ce62ae9c161f48d4c58d427848a99aeb1767b1ed4b2e2eb500ca882a8bf06b180936
-
SSDEEP
1536:NbBbl9X21TL8IkJMKPvy+UWtLAvQWHpOv42vplAWpj6oZ9b4V:TOpI1BvyZWSwv42hld19a
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\01a1eee69af030e76c7e505d06c2e081_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5a39be34913638a6bfd64466708cd4bd2
SHA1533145da63b17ef9ae15a47272f2a865420a052a
SHA2561740760e6d8c2365ed054f663c031b38b3464e6929619344b270d1443c9a7d21
SHA5126c77f4d83dd28b78d71c2b0eab4ab1d3ad1c98f8d86c2280e74499e202b402589d5985c0e3b393cbcda096adb03bc76d71464e09a58b8cf4f6fbcd30f0dde215