Analysis
max time kernel: 96s
max time network: 20s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 08/10/2024, 21:48
Behavioral task: behavioral1
Sample: 25ed39dc48cdfb4354587d44249f40c2_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 25ed39dc48cdfb4354587d44249f40c2_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 25ed39dc48cdfb4354587d44249f40c2_JaffaCakes118.pdf
Size: 211KB
MD5: 25ed39dc48cdfb4354587d44249f40c2
SHA1: a9bb3eeb3cd769ed5b02502f7e4e8dc855f44269
SHA256: 2076053ae66299736fbc8d1be41b5ddbd8a607957f0228bb7dc6dbd4e5d92df1
SHA512: ab5a95f3d914cb334d42b3d18d142a446cfb75e7f7584735e7cacf93f569ff32b9aa25a03d3655acb577979f0572fc155fcc412fe96a7ecf60eacb9b924a6656
SSDEEP: 3072:46W3v8nzK8Dc6NeWovypwdSIUkrVzWCCq4ya8MZi/1nZijojMFRuAh6rCR4HVxji:akneINRHAnUkrlWCCqVuZidy74h32n
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2368
Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2368, 2368, 2368
Process: AcroRd32.exe, AcroRd32.exe, AcroRd32.exe
Processes
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\25ed39dc48cdfb4354587d44249f40c2_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2368
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: d4fb91218fed8e4d6dbf2e4ec05bd67a
SHA1: 4e9a9549775f45af8b002a6721d62a6c176d7d05
SHA256: eac215a7c01207ce153232d705e1d6d53696131d4a96544f66ca222533ecaeb5
SHA512: fc483a3b5a06c40d192f8541f067906866ce497383ec3ec0dbcacadf23e4395726c88f0c26fb3f6c30cb24c8cc1f38e8595bde7d7a75562c967290154362c4a5