Analysis
- max time kernel: 120s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 13/10/2024, 08:59
Behavioral task: behavioral1
- Sample: 3ef2f7167cbc8016fc9e7995fc33cdbc_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 3ef2f7167cbc8016fc9e7995fc33cdbc_JaffaCakes118.pdf
- Resource: win10v2004-20241007-en
General
- Target: 3ef2f7167cbc8016fc9e7995fc33cdbc_JaffaCakes118.pdf
- Size: 88KB
- MD5: 3ef2f7167cbc8016fc9e7995fc33cdbc
- SHA1: 2b7311103b0d6474c4b5f523553c04b49e5fc909
- SHA256: 32e05c3e7d11b3ba7c631201e155ddebb6c80b072d6df1b01f418a5f7040ed5c
- SHA512: f57b5a46d2561776c210cc1151443ba7900ca36b0b9ec2f5531e0a464ca8597d77d5b6e01e626147ffe56a4d8060880b2b4cda7670d9f03be12a189f1c8f4c76
- SSDEEP: 1536:sVYnE3jv7YaEe6eeZlHgsn+gV0zDS1nuRzCvQbW/bgWAWC2WUpO7ESkzI7rXp5:hnEzv7YNe6zZlHFnwzDS/QobDCB7EQD
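Before acting on a report like this, confirm that the file in your own possession is byte-for-byte the sample that was detonated, and that the hash fields were copied intact. The script below is an added example, not part of the sandbox report: it takes the MD5/SHA1/SHA256/SHA512 and SSDEEP values from the General block above (the same check applies to the 3KB file listed under Downloads), validates that each hex digest has the right length, recomputes the digests for a local file, reports any mismatch, and parses the SSDEEP signature into its blocksize and two chunks so you can tell whether two fuzzy hashes are even comparable (ssdeep only scores signatures whose blocksizes are equal or differ by exactly a factor of two). The file bytes used in the demo are constructed placeholder data, not the real PDF, so the demo deliberately shows a mismatch.

```python
"""Added example (not from the sandbox report): verify a local file against the
report's hashes and sanity-check the hash fields themselves.

Assumptions: the REPORT_SAMPLE values are copied from the report's General block;
the stand-in bytes in __main__ are CONSTRUCTED and are not the real sample.
"""
import hashlib
import re

# Hash fields exactly as listed in the report's "General" block.
REPORT_SAMPLE = {
    "md5": "3ef2f7167cbc8016fc9e7995fc33cdbc",
    "sha1": "2b7311103b0d6474c4b5f523553c04b49e5fc909",
    "sha256": "32e05c3e7d11b3ba7c631201e155ddebb6c80b072d6df1b01f418a5f7040ed5c",
    "sha512": "f57b5a46d2561776c210cc1151443ba7900ca36b0b9ec2f5531e0a464ca8597d"
              "77d5b6e01e626147ffe56a4d8060880b2b4cda7670d9f03be12a189f1c8f4c76",
    "ssdeep": "1536:sVYnE3jv7YaEe6eeZlHgsn+gV0zDS1nuRzCvQbW/bgWAWC2WUpO7ESkzI7rXp5:"
              "hnEzv7YNe6zZlHFnwzDS/QobDCB7EQD",
}

# Hex length of each digest; a field of the wrong length is a copy/paste error.
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_report_hashes(report: dict) -> list:
    """Names of digest fields that are missing or not lowercase hex of the right length."""
    bad = []
    for name, length in HEX_LEN.items():
        if not re.fullmatch(r"[0-9a-f]{%d}" % length, report.get(name, "")):
            bad.append(name)
    return bad


def compute_hashes(data: bytes) -> dict:
    """The same four digests the report lists, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in HEX_LEN}


def check_sample(data: bytes, report: dict) -> dict:
    """{field: (reported, computed)} for every digest that differs.
    An empty dict means the local file is the sample that was detonated."""
    actual = compute_hashes(data)
    return {name: (report[name], actual[name])
            for name in HEX_LEN if report[name] != actual[name]}


def parse_ssdeep(sig: str) -> tuple:
    """Split 'blocksize:chunk:double_chunk[,filename]' into (int, str, str).
    The second chunk is computed with twice the blocksize of the first."""
    sig = sig.split(",", 1)[0]          # drop an optional trailing ",filename"
    blocksize, chunk, double_chunk = sig.split(":", 2)
    return int(blocksize), chunk, double_chunk


def ssdeep_comparable(sig_a: str, sig_b: str) -> bool:
    """ssdeep only scores two signatures whose blocksizes are equal or differ by
    exactly 2x; any other pair scores 0 regardless of content, so check this
    before reading anything into a low similarity score."""
    a, b = parse_ssdeep(sig_a)[0], parse_ssdeep(sig_b)[0]
    return a == b or a == 2 * b or b == 2 * a


if __name__ == "__main__":
    print("malformed report fields:", validate_report_hashes(REPORT_SAMPLE) or "none")
    # CONSTRUCTED stand-in: a minimal PDF skeleton, NOT the real 88KB sample.
    stand_in = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n"
                b"trailer\n<< /Root 1 0 R >>\n%%EOF\n")
    for field, (reported, computed) in check_sample(stand_in, REPORT_SAMPLE).items():
        print(f"{field} mismatch: report={reported[:16]}... local={computed[:16]}...")
    blocksize, chunk, double_chunk = parse_ssdeep(REPORT_SAMPLE["ssdeep"])
    print(f"ssdeep blocksize={blocksize} chunk_len={len(chunk)} double_len={len(double_chunk)}")
```

Run it against the real file by replacing `stand_in` with `open(path, "rb").read()`; an empty result from `check_sample` is the only outcome that justifies treating the report's behaviour as describing your copy of the file.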
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2384 AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2384 AcroRd32.exe (all three hits from the same process)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3ef2f7167cbc8016fc9e7995fc33cdbc_JaffaCakes118.pdf"
  PID: 2384
  Signatures: System Location Discovery: System Language Discovery; Suspicious behavior: GetForegroundWindowSpam; Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: c8b015688dc312936bb67132e220fc16
  SHA1: 4a4e7b6d97bb07e30aaabecccd36cc461c232649
  SHA256: c23eb11052a1dcd2a28847c932e1b3f7f9e03bf17a76a1b50ce9d059a1ecad1f
  SHA512: c73ab4e35d3b50470def7997662d19420483c862fbed7d27aee1f70279911e586e3993ffe9c8906be04fe19fd0d1d054422fa38c83f5481c990e840c8683f9d4