Analysis
-
max time kernel
94s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
13/10/2024, 20:06
General
-
Target
41d449ff9a11f126feefda6b31dbf0f1_JaffaCakes118.pdf
-
Size
82KB
-
MD5
41d449ff9a11f126feefda6b31dbf0f1
-
SHA1
88264c20418ae8fc7cee606f7fd67c0016ec3ca4
-
SHA256
1a2decfc1a9a76a44e671010ce68841c2ba99bd270939567ad81575ae170d413
-
SHA512
c6dc2c3eccb6843540897d08535d42b9c26146ca3a46db725b2ae395ae562c586bf665f9e21c8ee564be6d0387274a5236ea2034c21391a547b48e179a943535
-
SSDEEP
1536:FvZPYqKEFPM8SgsN0ODSM49rmoCaB9LdvDbW2b3oG1fWepOiPHysxPQy:5hX6K9rmoCePvDlsaAiPfv
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\41d449ff9a11f126feefda6b31dbf0f1_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD546f18fd5892efe65a93eb8e1f1bf38da
SHA1668f7a5d4330e39bf8828b6d357327beaf7d012d
SHA256ed32379a22773db0fc666dbb716ea869c6906a7224fdb2c1b9ab2b179823d2e4
SHA5121089ad37f9901d1f47ff31917b4b34280e09f302839138bf664aeb6ff096b88375b1caddf6c60a977eb0483ab2b363aed2c42399c9f659394ebd0886bba0cd46