Analysis
- max time kernel: 120s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20241010-en
- resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
- submitted: 15/10/2024, 01:06
Behavioral task: behavioral1
- Sample: 45133d869f04c53a8b4f1589675c6372_JaffaCakes118.pdf
- Resource: win7-20241010-en
Behavioral task: behavioral2
- Sample: 45133d869f04c53a8b4f1589675c6372_JaffaCakes118.pdf
- Resource: win10v2004-20241007-en
General
- Target: 45133d869f04c53a8b4f1589675c6372_JaffaCakes118.pdf
- Size: 72KB
- MD5: 45133d869f04c53a8b4f1589675c6372
- SHA1: b4c31efff5adcb3cae7553c3b6ee3ace2f1a4f0c
- SHA256: a0405474bfd79baf466f86eecb672ce5b228d6217f8c7dc6c1eacdcf94c87baf
- SHA512: d7c7796be44932450a00e7324b1bea9426404339ea37395a5529b32f64ca53c3131db48a5eb935678ec2071d203baac29c31735abf04eaa80e4e9697e1f05f97
- SSDEEP: 1536:sdiTp9wS6j2ioqzW8g9KDZ7PnJrtRj/kVzDRy3euQ24U2o14GK:8iF6joBVabJDrkNDY3k814
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 1304 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 1304 | Process: AcroRd32.exe
  pid: 1304 | Process: AcroRd32.exe
  pid: 1304 | Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\45133d869f04c53a8b4f1589675c6372_JaffaCakes118.pdf"
  PID: 1304
  Signatures:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 36e4484bede6fb7e06642a9305d19848
  SHA1: dfbf736c525b1edcd408a30629bf112f653efd69
  SHA256: 5cc48111490a00ba993e823e3f5a18d23ade63f8761630b299f254a88cd9e4ef
  SHA512: b69276068633e673b890359eb3c4cbeef9ed4f6fd8b464de67e7eaca2c7a26f9b244db13911ebd9aa354db08ffdf848a670239dcac085f6ab1e8fe375ffd4544