Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 12/10/2024, 07:24
Behavioral task: behavioral1
Sample: 38fbd3cb2de8caa34059bfacf0e20d51_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 38fbd3cb2de8caa34059bfacf0e20d51_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 38fbd3cb2de8caa34059bfacf0e20d51_JaffaCakes118.pdf
Size: 73KB
MD5: 38fbd3cb2de8caa34059bfacf0e20d51
SHA1: b6e291ecf1f68c4a5f0449f4686f899bb91b959d
SHA256: 570cc5be65fb8455644784d12d57f3fa78c5ac65f87ace7a01f0e5221a540eee
SHA512: 4178ebffb2bb416fb6a5dbb5ce4842a0d578b5301bffe48c54a4afd25b26b03470e181eac726a8e65f27de14cf9f03f86bafa1e3dbdf68cce9abb77a2080cddf
SSDEEP: 1536:Utlys8yJQUAm02+jNW5HaqollGNfY0aBtcHL4PXO0PK:ulys8yZAm03RWClEQTBtMLg+0S
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2168; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2168; Process: AcroRd32.exe (3 occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\38fbd3cb2de8caa34059bfacf0e20d51_JaffaCakes118.pdf"
  PID: 2168
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: ad78c14cf607d2cdd35104749845f51c
  SHA1: bb2020495b9577025e464ab1a2aacb9a9eb2c572
  SHA256: b1065598c7899a36c9828698a002e5558df4aedf8cbf79e38b72b41d9312627c
  SHA512: 229d8951c535bba9ed6fc8a470ecf2f1a7a3a26d401883add12b3c4a1ac5e17532188963d9b47ead58eb6908d1e27104551004ef8b9f2c60c8fc3b15a86f5626