Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
09/10/2024, 04:41
General
-
Target
2b048499c009262572104ef9da78e16b_JaffaCakes118.pdf
-
Size
86KB
-
MD5
2b048499c009262572104ef9da78e16b
-
SHA1
a4a8b4038d60f25d337e09ef669cbca968ecfd4f
-
SHA256
83c26e712bb146753e70c7c2d4338131b7b9bd506c6174dac1a5bcda2a005ab8
-
SHA512
150b6b1786d4ac7e019e8cee0a940ea1726534fac263399a671792b4ee510e3bb966384a6cbdaf9269ef9873a68a63852f35c3d314a1330a6e962e813f948352
-
SSDEEP
1536:g9tOODXhdQ/+Xr0mD1jqjuyzWp3YR6yXn4ZH01OaGADSNbQGyWZtvz3fg9F6Wkpv:GhsMImFqj7zLR1Xn4ZH0ACnstvzYFtTY
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2b048499c009262572104ef9da78e16b_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5fddf4c601801cf4e1d9138c0a2d50bbc
SHA1dcb770c219a71da109e434bec950162e6b183610
SHA2561a2557184e8adb781b96836b539ec389fefa87a5ee6a4705c777c4bf3df5b0a1
SHA5128aaa3bd2c71c7dd9d2044b260eab10524d5e67982cd796335a71483f56316179c40dfbf00de0595755a59724ec459f17c88e80629d856485a3e8ac2fbfdf6f54