Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
09-10-2024 09:34
Behavioral task
behavioral1
Sample
2ec2ac813841c70f9b09ec023b823807_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2ec2ac813841c70f9b09ec023b823807_JaffaCakes118.pdf
Resource
win10v2004-20241007-en
General
-
Target
2ec2ac813841c70f9b09ec023b823807_JaffaCakes118.pdf
-
Size
100KB
-
MD5
2ec2ac813841c70f9b09ec023b823807
-
SHA1
6dd137371a04d6f9ce75353db2e25397963f1110
-
SHA256
782047e3f7c3a3520055470d12996272d84297b403e37dabf27642bbdf14be7c
-
SHA512
2979be7fe9cb51241cf43d14dbeaab5f1dbdf4ccc86d885d5c2951072f81702c5de3c705f14acd7325ee4b301d69f6e71c9f4ca13ad4a216877303186099e1eb
-
SSDEEP
3072:+Es1oqSIr9YfEdJfiXFV/zXMHLDIV3/hVixH+MF:+Es1NSKSfEdO/YHLU1E3
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language AcroRd32.exe
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2504 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2504 AcroRd32.exe
2504 AcroRd32.exe
2504 AcroRd32.exe
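The three signatures above are rule hits over the monitored API and registry trace, not verdicts: the language rule fires on any process that opens the NLS\Language key, and a document viewer reading that key to pick its UI locale triggers it exactly as a geofencing loader would, so each IoC is a prompt to look at what the process did next. The following Python is an added illustration of how such rules are derived, written for this page and not the sandbox's own engine; the trace events, the threshold of 100 GetForegroundWindow calls and the per-call reporting of SetWindowsHookEx are assumptions, with only the registry path and process name mirroring the report.

```python
from collections import Counter, defaultdict

# Constructed sample trace: (pid, process, api, argument). Made up for the
# illustration; only the registry path and AcroRd32.exe mirror the report.
TRACE = [
    (2504, "AcroRd32.exe", "RegOpenKey",
     r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
    (2504, "AcroRd32.exe", "SetWindowsHookEx", "WH_GETMESSAGE"),
    (2504, "AcroRd32.exe", "SetWindowsHookEx", "WH_CALLWNDPROC"),
    (2504, "AcroRd32.exe", "SetWindowsHookEx", "WH_KEYBOARD"),
    (1180, "explorer.exe", "RegOpenKey",
     r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"),
    (1180, "explorer.exe", "GetForegroundWindow", ""),
] + [(2504, "AcroRd32.exe", "GetForegroundWindow", "")] * 120

# Rule parameters. The spam threshold is an assumption for this example,
# not the sandbox's tuned value.
LANGUAGE_KEY_SUFFIX = r"\control\nls\language"   # matches any ControlSet
FOREGROUND_SPAM_MIN_CALLS = 100

SIG_LANGUAGE = "System Location Discovery: System Language Discovery"  # T1614.001
SIG_HOOK = "Suspicious use of SetWindowsHookEx"
SIG_FG_SPAM = "Suspicious behavior: GetForegroundWindowSpam"


def evaluate(trace):
    """Return {signature: [ioc dicts]} for a list of (pid, process, api, arg).

    Language discovery and hook installation are reported per event;
    GetForegroundWindow is counted per process and reported once it
    crosses the spam threshold.
    """
    hits = defaultdict(list)
    fg_calls = Counter()
    for pid, proc, api, arg in trace:
        if api == "RegOpenKey" and arg.lower().endswith(LANGUAGE_KEY_SUFFIX):
            hits[SIG_LANGUAGE].append(
                {"description": "Key opened", "ioc": arg, "pid": pid, "process": proc})
        elif api == "SetWindowsHookEx":
            hits[SIG_HOOK].append({"pid": pid, "process": proc, "hook": arg})
        elif api == "GetForegroundWindow":
            fg_calls[(pid, proc)] += 1
    for (pid, proc), n in fg_calls.items():
        if n >= FOREGROUND_SPAM_MIN_CALLS:
            hits[SIG_FG_SPAM].append({"pid": pid, "process": proc, "calls": n})
    return dict(hits)


def summarize(hits):
    """Render hits in the report's 'Signature N IoCs' style."""
    return [f"{sig} {len(iocs)} IoCs" for sig, iocs in hits.items()]


if __name__ == "__main__":
    for line in summarize(evaluate(TRACE)):
        print(line)
```

Run stand-alone it prints the same three headline lines as the report. Note that explorer.exe opens a Run key and calls GetForegroundWindow once without producing any hit, which is the point of keying the rules on the specific NLS path and on a call-rate threshold rather than on the API name alone.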
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2ec2ac813841c70f9b09ec023b823807_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2504
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
8d98aaa71c22244a23b2f388b7389452
-
SHA1
ac392fecbd91bb1f5256230f4f04bebbc13637b5
-
SHA256
70810d4ca08121c223c69de1fcbbbe5ef04eeac2db3b29de1b881079f9fde28a
-
SHA512
d9668ca2a8423300916ff4edb1fe557fb248daa2a404a0ba2466ac7f1c9437dff959ccdd5f0400ce80e3f06a521fe4941dd80e277495738d29e6ff1eb919f1bf