Analysis
Max time kernel: 122s
Max time network: 123s
Platform: windows7_x64
Resource: win7-20240903-en
Resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
Submitted: 08-10-2024 20:34
Behavioral task: behavioral1
Sample: 25149a780602fed0005bd3d2ceb6fce6_JaffaCakes118.pdf
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 25149a780602fed0005bd3d2ceb6fce6_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 25149a780602fed0005bd3d2ceb6fce6_JaffaCakes118.pdf
Size: 81KB
MD5: 25149a780602fed0005bd3d2ceb6fce6
SHA1: c29cbe5eb31c26234066e1731b30e40fca2ec3e2
SHA256: 4eb7eea8932a57875fa0881cd5aa1b9fe8af41949b196ca9c2fa85939e4c4bcb
SHA512: f407358ce05803aee7091914b34591b0851378818dc89fdd38f324a2f4c97c14c79cca7e5b0cbfd3d46b297fedfdba222f3f9721105f90fb535466d158b25897
SSDEEP: 1536:VspK/TGXJb6+A5Xtwuu9RB0rlaxvBOal01+iwotzcPS2oZb1WqRMaDW3IlDNh:l/Iq5XtwlTB0rla9B5TiwotzTZb1WqRz
Malware Config
Signatures

System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2060
process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2060, process: AcroRd32.exe
pid: 2060, process: AcroRd32.exe
pid: 2060, process: AcroRd32.exe
Processes

Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\25149a780602fed0005bd3d2ceb6fce6_JaffaCakes118.pdf"
Tree depth: 1
PID: 2060
Matched signatures:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads

Filesize: 3KB
MD5: dc6331c744d1048faa5f536f1f027f61
SHA1: 34f512e761c270182012f261c66fec1a5ef684a6
SHA256: 290fcbc90b7c3f190d21c2655189f2251ab9bc8de2061f7408e34de47d86e429
SHA512: 3b84127855dcfc7f0ee0209e4e9406aa4dc9d261b54f9abbf46471ab2ecdf1d5d90f37693582ea288750ca02e6ed25ade2d2c8ba502f25333156518ad372adbe