Analysis
-
max time kernel
96s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
09-10-2024 05:04
General
-
Target
2b5a1f4acc68a7265bc003bc27ac22d2_JaffaCakes118.pdf
-
Size
76KB
-
MD5
2b5a1f4acc68a7265bc003bc27ac22d2
-
SHA1
66c33cef042d8404d539c3e56f52497010c795e8
-
SHA256
59045f018a80fefebaf23b8ab4b926df0367d8577fcc88f4d7678aee5e2009f8
-
SHA512
f52c9aef124b786653f94af4869adc7d7d512a2baff3a8640f130a3f442f96973b46745a1078be6e9492b73464d6ad8d27b5c87954a35d4d414e5cf785335c8a
-
SSDEEP
1536:ED63nrlDauxauGcGzHHHqSnQAdWzl8IOWUpO7jFIPWZOqdDel/uE:3nr0uxhCqSnQAq8I57RIcel5
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2b5a1f4acc68a7265bc003bc27ac22d2_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD558bef4df230ad94499dc0dd0430826c1
SHA1e68c29ba2c050911941b72316407e6b3ef2a7e55
SHA256d253bfd3b2c60f82a99a86fcb82ad0e16a8c3e36bbe36e83b55c1acae5134145
SHA512ca35c8702cf97cc1c3f323386df559a335e70588c4b3def6257cb8265624096caf4044e26f504e33f06178a407dcc39a50e34492ce193adfa041fdd336809fe3