Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
04/10/2024, 15:52
General
-
Target
13ff0d32f2f01e17ca003ff01889685d_JaffaCakes118.pdf
-
Size
195KB
-
MD5
13ff0d32f2f01e17ca003ff01889685d
-
SHA1
ce2d7d2fd58604dc5421a1db535a669383becd0c
-
SHA256
ba13a1cc864c33f6943f37136f22020fb3c44cdf4778e0e868149da515658a70
-
SHA512
a36d57a7418fcf68e6b397c836757965b00583cbd51cfc2976a76a7e3e245b033e95ce690879baed5c438ca45c067dc575e737dfc660b5a242c950f0c01df9e9
-
SSDEEP
3072:yQpk6VCvt9k9tepYoRyn75u7yMxdVGvwSxsfWr6ZMxOpTcnGhakQHXloaf/XsZcx:yQgo9OKu7pxdwvDxsfWRk6lkQV19
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\13ff0d32f2f01e17ca003ff01889685d_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5044e1f61648914a03f631a9acb585ed8
SHA152ffb7efd03d59fe0074a3e0743b8943be3726e2
SHA256aa94ebb0aff62616a45c4069c64e4fe07b352a94277076cd6ae9224aa1278f59
SHA512add92b50b287fbf274728205d5940ecb26f1559b4d280c5b5ded0ee238248c03f6522b8a74bb50c985ffe168bc5bb882e4f08772cfad20cf6d2a8c9188bc9cd2