Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
05/10/2024, 02:48
General
-
Target
15dd34e32242d875f6204e2a68d6a333_JaffaCakes118.pdf
-
Size
86KB
-
MD5
15dd34e32242d875f6204e2a68d6a333
-
SHA1
b8b8eda95189434998ea305ca5af6686f5c8aef4
-
SHA256
0c4c6ea60bdcbcd1835deb2aaaf29f77c524ebcace008640fb1ebc65fd7d39b3
-
SHA512
e8bfb7bfd982cac65e2b02b9a203a7f9ac910c382748cdd0f798ff2eeed7331cc21ebbf8402d171394faee1eac3c84beee9cf068ce9216e39c6644789e82eb4c
-
SSDEEP
1536:0CucyxmGRxRy2O/bHNS0MGGHyEkPDS86E1KkEjLy/cgkGyWCpOViIW1n5APS6GxD:v4xmYRu/btS0LEl986EUJL3VGPViD9xD
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\15dd34e32242d875f6204e2a68d6a333_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD588b92c02840519016630cb9e6296efd6
SHA1450db681a9983fa019480c001f27c140a8d2a0e9
SHA25627ad551235c4f2b957967ec254ff2ed077073ecf42af7eaf63797f0269677258
SHA5127f68359807743871cacb753e18c149521b6d84b56d7543eeabfe4d1f87a148e91a98742d8e1af35f5f9d627f1c3455f91128d4b513828828d04acf4fd6f48e19