Analysis

max time kernel: 121s
max time network: 123s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09-10-2024 01:45
Behavioral task: behavioral1
Sample: 28a4447fa235c6b8e6e88882734673e8_JaffaCakes118.pdf
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 28a4447fa235c6b8e6e88882734673e8_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General

Target: 28a4447fa235c6b8e6e88882734673e8_JaffaCakes118.pdf
Size: 78KB
MD5: 28a4447fa235c6b8e6e88882734673e8
SHA1: 4a108df6f11ac6532059f7f7d1316da7d62de2b2
SHA256: 89e0097c7be256c9506c2dc2692b5918a9bd5a8b26b5761336a53046c2a3d696
SHA512: a27b2a3216b9fe5b914bb9e725caec867d0fef6e3a5d2efb7549c00d2403cc55f57453d486033abeb447e3ac7d51aa04b850251d3a8ecfc61b602cbe7b3be227
SSDEEP: 1536:YD2YKebYgoDYVdxiQg9LtSLkwXtnxPPl6ng2dWs3LL93BYiWspO2rLDQeO29:w2+ZQ0cQ4tSAwXttPigA3LL9Gp2rLD5j
Malware Config
Signatures

- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  IoC: key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language by process AcroRd32.exe
  Note: this key is also read during normal locale initialisation by many benign Windows applications, Adobe Reader included, so this hit on its own does not show that code from the PDF executed.
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID 2756, AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID 2756, AcroRd32.exe (three hook installations)
  Note: repeated GetForegroundWindow calls and SetWindowsHookEx are routine for an interactive GUI process such as a PDF reader; they carry weight when the calling process is one that should have no window at all.
Processes

- Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\28a4447fa235c6b8e6e88882734673e8_JaffaCakes118.pdf"
  PID: 2756
  Signatures:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
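The three signatures in this report are derived from the monitored API and registry events of PID 2756. As an added example (not from the report or the sandbox vendor), the following Python re-derives those same signatures from a constructed event trace, so the matching logic can be inspected and tuned. The event tuple shape, the suffix match on the NLS key, the set of registry APIs considered, and the GetForegroundWindow threshold are all assumptions chosen for illustration.

```python
"""Added example: re-derive the report's behavioural signatures from a list of
monitored API events. Not the sandbox's own code; event shape and thresholds
are assumptions."""
import re
from collections import Counter

# Registry key the report lists as the System Language Discovery IoC. Matched
# on the suffix, case-insensitively, so ControlSet001 and CurrentControlSet
# spellings of the same key both hit.
NLS_LANGUAGE_RE = re.compile(r"\\Control\\NLS\\Language$", re.IGNORECASE)

# Assumed threshold: how many GetForegroundWindow calls by one process count
# as "spam". Baseline this against benign GUI applications in your own sandbox.
FOREGROUND_SPAM_THRESHOLD = 100

# Assumed set of registry APIs that count as "key opened" for the IoC.
REGISTRY_OPS = {"RegOpenKey", "RegOpenKeyEx", "RegQueryValue", "RegQueryValueEx"}

# Signature names exactly as the report prints them.
SIG_LANGUAGE = "System Location Discovery: System Language Discovery"
SIG_HOOK = "Suspicious use of SetWindowsHookEx"
SIG_FOREGROUND = "Suspicious behavior: GetForegroundWindowSpam"


def evaluate(events):
    """events: iterable of (pid, process_name, api, target).
    Returns {signature_name: [ioc, ...]} with one IoC tuple per hit."""
    language_hits = []
    hook_hits = []
    foreground_calls = Counter()
    process_names = {}
    for pid, proc, api, target in events:
        process_names[pid] = proc
        if api in REGISTRY_OPS and NLS_LANGUAGE_RE.search(target):
            language_hits.append((pid, proc, target))
        elif api == "SetWindowsHookEx":
            # Each hook installation is reported as its own IoC, as in the report.
            hook_hits.append((pid, proc, target))
        elif api == "GetForegroundWindow":
            foreground_calls[pid] += 1
    foreground_hits = [
        (pid, process_names[pid], count)
        for pid, count in sorted(foreground_calls.items())
        if count >= FOREGROUND_SPAM_THRESHOLD
    ]
    return {
        SIG_LANGUAGE: language_hits,
        SIG_HOOK: hook_hits,
        SIG_FOREGROUND: foreground_hits,
    }


# Constructed sample trace modelled on the report's process (PID 2756), plus a
# benign second process that should fire nothing.
SAMPLE_EVENTS = (
    [
        (2756, "AcroRd32.exe", "RegOpenKey",
         r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
        (2756, "AcroRd32.exe", "SetWindowsHookEx", "WH_GETMESSAGE"),
        (2756, "AcroRd32.exe", "SetWindowsHookEx", "WH_KEYBOARD"),
        (2756, "AcroRd32.exe", "SetWindowsHookEx", "WH_MOUSE"),
        (4100, "notepad.exe", "RegOpenKey",
         r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"),
    ]
    + [(2756, "AcroRd32.exe", "GetForegroundWindow", "")] * 250
    + [(4100, "notepad.exe", "GetForegroundWindow", "")] * 5
)

if __name__ == "__main__":
    for signature, iocs in evaluate(SAMPLE_EVENTS).items():
        print(f"{signature}: {len(iocs)} IoC(s)")
        for ioc in iocs:
            print("   ", ioc)
```

Running it reproduces the report's counts for PID 2756 (one language-discovery IoC, three hook IoCs, one foreground-spam IoC) and nothing for the benign process; raising FOREGROUND_SPAM_THRESHOLD or restricting REGISTRY_OPS is where a practitioner would tune away the GUI-application noise noted above.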
Network
MITRE ATT&CK Enterprise v15
Downloads

- Filesize: 3KB
  MD5: db13ec962e6b18e277930fc1b388536f
  SHA1: 52b7784355d9b370cfd39dcf610eece2a8d9f0e5
  SHA256: 1ef0c79c2bb516830a3cc166aa4a88ab0df840dd0c1cbd255c88764ba592fe3f
  SHA512: 639a211c19442ddeb835a2faea306d6c12c8554b41a1f713e88033169de6c8dbaffe3ec222c571c9eecd2aeb6db520bb78bb62876df253483a0a0be3c6bc5aa1