Analysis
max time kernel: 121s
max time network: 126s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
submitted: 13/10/2024, 17:04
Behavioral task: behavioral1
Sample: 410cc403d73d7b6884e0c27a86c99006_JaffaCakes118.pdf
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 410cc403d73d7b6884e0c27a86c99006_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 410cc403d73d7b6884e0c27a86c99006_JaffaCakes118.pdf
Size: 88KB
MD5: 410cc403d73d7b6884e0c27a86c99006
SHA1: 36d1c56669c39b736091c33ab413975b6377a2ce
SHA256: 227a4a9504fc59d5d5505b85f744019896da13625f50ac41479c18448b52d778
SHA512: 93446174d42483f1509366ad038af7b49828af2c8c495de7ba4e642a9944d564e78377bbe837d2495463824dee5b7d5d12c0da0f63fd3125c9ea09532d31aba1
SSDEEP: 1536:8UvsruDlfylAPARqCJppHldcsIWrnHZklYO2oiWcWYjxW8pO7RTV5:3vEudyCsqCnJldcsIWrH+qO2oqWYjo7R
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID: 2536 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 2536 | Process: AcroRd32.exe (3 hits, all from the same process)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\410cc403d73d7b6884e0c27a86c99006_JaffaCakes118.pdf"
PID: 2536
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
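All three signatures in this report are raised by AcroRd32.exe (PID 2536) itself: the process tree shows no child process, the Network section is empty and nothing is listed under Malware Config. A localised document viewer reading NLS\Language for its own locale is routine, so the System Language Discovery hit is low-signal on its own; the same key read by a process the viewer spawned would be a different matter. The Python helper below is an added example, not part of the sandbox report or its tooling: it transcribes the report's registry IoC and process, and only alerts when the key is opened by a descendant of a document viewer. The event schema, the viewer list, the CurrentControlSet alias and the constructed powershell.exe child (PID 3104) are assumptions.

```python
r"""Added triage example (not part of the sandbox report): decide whether a
'System Language Discovery' registry IoC deserves attention.

The report attributes the read of
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language to AcroRd32.exe
(PID 2536) itself, with no child process.  A localised viewer reading its own
locale key is expected, so this helper only alerts when the key is opened by
a process descended from a document viewer.  Event shapes, the viewer list
and the constructed child process are assumptions, not report data.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# The key from the report, plus the CurrentControlSet alias that other
# sandboxes or EDR telemetry may log for the same key (assumed equivalent).
NLS_LANGUAGE_KEY = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(ControlSet\d{3}|CurrentControlSet)"
    r"\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

# Document viewers whose own reads of NLS\Language are routine (assumed list).
DOCUMENT_VIEWERS = {"acrord32.exe", "winword.exe", "excel.exe", "foxitreader.exe"}


@dataclass(frozen=True)
class Process:
    pid: int
    name: str
    ppid: Optional[int] = None  # None when the sandbox recorded no parent


@dataclass(frozen=True)
class RegistryEvent:
    pid: int
    action: str
    key: str


@dataclass(frozen=True)
class Alert:
    pid: int
    process: str
    ancestor_viewer: str
    key: str
    technique: str = "T1614.001"  # ATT&CK System Location Discovery: System Language Discovery


def viewer_ancestor(tree: Dict[int, Process], pid: int) -> Optional[str]:
    """Walk the parent chain of `pid` and return the name of the first
    document-viewer ancestor, or None.  A process is not its own ancestor."""
    seen = {pid}
    cur = tree.get(pid)
    while cur is not None and cur.ppid is not None and cur.ppid not in seen:
        seen.add(cur.ppid)
        parent = tree.get(cur.ppid)
        if parent is None:
            return None
        if parent.name.lower() in DOCUMENT_VIEWERS:
            return parent.name
        cur = parent
    return None


def evaluate(processes: List[Process], events: List[RegistryEvent]) -> List[Alert]:
    """Return an Alert for every NLS\\Language read made by a descendant of a
    document viewer; reads by the viewer itself are treated as baseline."""
    tree = {p.pid: p for p in processes}
    alerts: List[Alert] = []
    for ev in events:
        if ev.action.lower() != "key opened" or not NLS_LANGUAGE_KEY.match(ev.key):
            continue
        proc = tree.get(ev.pid)
        if proc is None or proc.name.lower() in DOCUMENT_VIEWERS:
            continue  # unknown process, or the viewer reading its own locale
        viewer = viewer_ancestor(tree, ev.pid)
        if viewer is not None:
            alerts.append(Alert(ev.pid, proc.name, viewer, ev.key))
    return alerts


def report_data() -> Tuple[List[Process], List[RegistryEvent]]:
    """The single process and registry IoC recorded in the report, transcribed."""
    procs = [Process(pid=2536, name="AcroRd32.exe")]
    events = [RegistryEvent(2536, "Key opened",
                            r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language")]
    return procs, events


def report_data_with_constructed_child() -> Tuple[List[Process], List[RegistryEvent]]:
    """Constructed variant (PID and name assumed): a child spawned by the
    viewer reads the same key through the CurrentControlSet alias."""
    procs, events = report_data()
    procs = procs + [Process(pid=3104, name="powershell.exe", ppid=2536)]
    events = events + [RegistryEvent(3104, "Key opened",
                                     r"\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\NLS\Language")]
    return procs, events


if __name__ == "__main__":
    print("report as recorded:", evaluate(*report_data()))
    print("with constructed child:", evaluate(*report_data_with_constructed_child()))
```

Run as recorded, the report's IoC produces no alert; the constructed child produces one alert naming AcroRd32.exe as the viewer ancestor. The parent walk is bounded by a seen-set so a malformed tree with a PID cycle cannot loop forever.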
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 7c477a7e37d7deee372211ba063f4742
SHA1: cbfea3129fb6a07678aceea2522ae21ae8abd6ee
SHA256: 584578762ca43fb6597b2cbf75f63a943fac2151afcbf3527d8b1a0b4b97f61f
SHA512: a04fb9e7ff7725fd71468e617482e30191815a7b90cf8746b074b0ecc407318715dc9ed0af26a3e0c37b45c56724794fd9f0b63223805c559e51d74cd0f24d67