Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 08-10-2024 23:50
Behavioral task: behavioral1
Sample: 2749874a5d45c9c8503b9a0562ca1111_JaffaCakes118.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2749874a5d45c9c8503b9a0562ca1111_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 2749874a5d45c9c8503b9a0562ca1111_JaffaCakes118.pdf
Size: 81KB
MD5: 2749874a5d45c9c8503b9a0562ca1111
SHA1: db26cd4eaac064d408ceebb152bcd3d7820a78f3
SHA256: 87e6ea35e02240cf1ed34df9389641b815f42bf0d34b171e7ce1535c4e75c2ea
SHA512: 7ed6d08665a0f6da3d6a4cc8e301ae299813faf40a91cb40428ad7a544df0062a92e4922c0f525cf7385e09074b17c66bad15f2493ebb612aed9e83b0607abae
SSDEEP: 1536:bOhbnXtkBcDUrHS2SGT2zO96rHj75R5YqYHrkps7uiIW/PrYdA:6RuyjPO0Ouj/xUTqVoPB
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2360; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2360; Process: AcroRd32.exe
pid: 2360; Process: AcroRd32.exe
pid: 2360; Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2749874a5d45c9c8503b9a0562ca1111_JaffaCakes118.pdf"
PID: 2360
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: a3d4ef80ecb8f61490b68cec762a4a10
SHA1: 70f15d476cfa1f681939d0569f5ffe3629e7c7b2
SHA256: 6d853de6abf5a2caf928990a78f141aa4a989cb77301357f9d529681c88eec24
SHA512: e779fe81488995b9b9401357b0221c8876e593b71a320a6c231b07b670227e899c7d75e815a3be44526cdf66262ce2de1a2bfc8cf4e4859a35f965f9605137f0