Analysis

max time kernel: 118s
max time network: 123s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 15/10/2024, 00:48
Behavioral task: behavioral1
Sample: 45015b622211e4f82cabc9388aa974fd_JaffaCakes118.pdf
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: 45015b622211e4f82cabc9388aa974fd_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General

Target: 45015b622211e4f82cabc9388aa974fd_JaffaCakes118.pdf
Size: 66KB
MD5: 45015b622211e4f82cabc9388aa974fd
SHA1: 64e9ec28cb13f594b71fd29e71f18eb3c2f5e568
SHA256: 9fd2d3a2a09f7fcf04e66c5d7c410575f88ec264b6dcc3a2dcb515e16c529c2e
SHA512: 9672c28c10bf1f8a23cb57bed329a1f6e6c0b420dbd3db6c48e9b664b5b38628019d243f7498dc04ad51c1eae6a11dc3684736fdc3a76fe9190c3a3e18fc6529
SSDEEP: 1536:TbpACuOLohe9E5E7S5bB+JzA/UwOGwJxflbzY+dOWapOn6WdF:Zv3PE5nazA/Uw0JHzzPnx
Malware Config

Signatures

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2772 | Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2772 | Process: AcroRd32.exe
pid: 2772 | Process: AcroRd32.exe
pid: 2772 | Process: AcroRd32.exe
Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\45015b622211e4f82cabc9388aa974fd_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2772
Network
MITRE ATT&CK Enterprise v15
Downloads

Filesize: 3KB
MD5: 9c421576cd4e93868ee215482268fe7c
SHA1: 2c6042b18eb3f27824b13552537447634ea910bd
SHA256: ba0ebc7387466c2002d4398afaa8499f88c9ce01aad27ea5e3f88c5e799e46d5
SHA512: 89d0616edab9a3f179f4a4f7c9dafd972ba70b51ae6a98b18c71df690d6baf5e6d7b4eebbb5392729c62e5d89547fcbf020579d8963c7f92b0ddc52ab4bf4781