Analysis
max time kernel: 122s
max time network: 125s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 10/10/2024, 12:46
Behavioral task: behavioral1
Sample: 2fee20a043f669e133040e58d2617061_JaffaCakes118.pdf
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: 2fee20a043f669e133040e58d2617061_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 2fee20a043f669e133040e58d2617061_JaffaCakes118.pdf
Size: 331KB
MD5: 2fee20a043f669e133040e58d2617061
SHA1: bc908bf7d4bb706526b03c5ef72a28659db75975
SHA256: 80a38dcb349edd53aa251808e73118e584bb4b3d48cf044c8a109ae24ba132ed
SHA512: c7cc0c7ef3d6a34b5a839b478b47e2f073bda9695cd6ba644b1a619f249bd44dd3f83f5a5930a8f74bdb981ea5d7d99e8fcdadc94f1a6cea264754d688eb9595
SSDEEP: 6144:CTjb5VmhmahUKLiJuVwQoj6WWGuB5L77IHuNfW4uY4nBbke/6:2VmMeUXu5pGw5eGlSbkz
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2024  process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2024  process: AcroRd32.exe
  pid: 2024  process: AcroRd32.exe
  pid: 2024  process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2fee20a043f669e133040e58d2617061_JaffaCakes118.pdf"
  PID: 2024
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 497da3ba0be2fd19e071faa1a53f1e8a
SHA1: 3df63e5ac8de9dcae27a757cddc6198428c2abb6
SHA256: 1b50a76830a13b5a57d7ae6e7c6889f16e8851e18d98ab4439332c5ccf89beb1
SHA512: 257c641adc1917decc20e81955c4dde041e87d7356723d366ad33b1a6324eaeb91892416d61e52bdde8d2c9bc001c7a2c7d8d139e39626db5a2a189cc5103467