Analysis
max time kernel: 117s
max time network: 117s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 15/10/2024, 02:18
Behavioral task: behavioral1
Sample: 45561cefcc2ba2a86922629dd32ccaa3_JaffaCakes118.pdf
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 45561cefcc2ba2a86922629dd32ccaa3_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: 45561cefcc2ba2a86922629dd32ccaa3_JaffaCakes118.pdf
Size: 86KB
MD5: 45561cefcc2ba2a86922629dd32ccaa3
SHA1: a24946ba576c7507080a60299c381422ce58b6cf
SHA256: 138f2a9835ab5a865d97e7817d3ef98e71df3d86dc181806f414de89f1000cfb
SHA512: ec02a26e706f428f6ce9b3ef85f7daaa3b536fa147e9fd9a8eab6a6bff5b0849bb66f658ee713540639d8702476d884e672f20336171c89c48f488350dfa091f
SSDEEP: 1536:PMmboUyZIglsz5mzJSWst6sdk6Wh6vsgOWkWUpO7+py:UmLyKgl4gzJS/t6gkTgOWn71
Malware Config
Signatures

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2188
Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2188, 2188, 2188
Process: AcroRd32.exe (three hook installations by the same process)
Processes

Process (depth 1): C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\45561cefcc2ba2a86922629dd32ccaa3_JaffaCakes118.pdf"
PID: 2188
Signatures triggered:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads

Filesize: 3KB
MD5: 820d02b261aae4d3f3a010069d2ee134
SHA1: b7b4990ad1a3b86e3e0a96bf69d4b2841906ac5e
SHA256: fcc43dc203ab9c31c57132896ef6b4c42c72c717292990d12ac34d9597fb6279
SHA512: c2f32965748a46a89a375c98d1ddc671ba385f38dbdb844c9fda2a5660ea39a58e3c4fa1ebd217dcfbe92a37a33420ad035c3f1fde8bc4d241dd9cfa90adbaa9