Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
08/10/2024, 22:54
General
-
Target
26b1bb5388bad0f4256efc6c74943bf8_JaffaCakes118.pdf
-
Size
68KB
-
MD5
26b1bb5388bad0f4256efc6c74943bf8
-
SHA1
bfd8e926a08a17434c86e7b35da530fb87f6cee4
-
SHA256
15b10b06091075331fdc73cdd2d8f1dfc7f35489b3bc2524f05b50cd3d13d414
-
SHA512
3d4a7139e15d15b11412d4c108ea9b263874d9242ceaf57255cc1decbd06973390b076b2a284fcc0ea6cd6400b0abcfa875c93d5e9d1dcc2810a2db514d284b8
-
SSDEEP
1536:1S/an1hgVc/hUzgJaqJeoREsiB2FimWkrhjJSn3bWUpO7i1o:qw1hMcpUzO3zEsTi+rhjon3u7n
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\26b1bb5388bad0f4256efc6c74943bf8_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5233bf08752f7ced363bbdb6320695f4b
SHA1760f42739c0d5a4d0285737857e4a3af991b93a6
SHA256cf6bb65626c0988b869290b356c273425d71ed2e44e99068b484e58c934fcb00
SHA512235228765c72e0577cefa60125b4a439afb02921be3baf59ac3f447b300114b04c333be4f11acab2ed12d6ad01075b916e2a9abd5d9e4008b4896eedbae13e7d