Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system -
submitted
17/10/2024, 11:44
Behavioral task
behavioral1
Sample
51ed8d39c880b664c4113b528f3ac2a9_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
51ed8d39c880b664c4113b528f3ac2a9_JaffaCakes118.pdf
Resource
win10v2004-20241007-en
General
-
Target
51ed8d39c880b664c4113b528f3ac2a9_JaffaCakes118.pdf
-
Size
82KB
-
MD5
51ed8d39c880b664c4113b528f3ac2a9
-
SHA1
ce78839455a97ba84dbc521c172b599b341544a5
-
SHA256
4d366f7e5f133dfdef181614da28afbe17d88f2fa4ab564e604333ce6159cd11
-
SHA512
4d917c2ed6ab37f0eab145b8dc4062d380f55b28038e5dafd105405026070995ca5dcf474665075330ce1ee2dc1cf5eac325f212b61371fbbed9ef7aeb820e35
-
SSDEEP
1536:bUpbGpYr8yE7UH6Jm9P2CCiyiWZZr3skEQxWepOZMfYz5:YpqpYr3EoaJPfDt3sJQmZKQ
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID: 2168 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 2168 | Process: AcroRd32.exe
PID: 2168 | Process: AcroRd32.exe
PID: 2168 | Process: AcroRd32.exe
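The three signatures above are behavioural rules evaluated over the sandbox's API and registry trace. The block below is an added example that re-implements them over a constructed event stream; it is not the sandbox's own signature engine. The registry path, process name and PID are the ones reported on this page, while the event shape, the hook names, the GetForegroundWindow spam threshold and the explorer.exe noise are assumptions made for illustration. Note that all three signatures fire on AcroRd32.exe itself, and the report lists no child process and no network activity, so on their own they are weak evidence; a reader looking up its locale key is expected behaviour.

```python
# Added example (not the sandbox's own signature engine): re-implements the three
# behavioural signatures reported for AcroRd32.exe over a constructed event trace.
# Event shape, thresholds and the ATT&CK mapping are assumptions for illustration.
from collections import defaultdict
import re

# Constructed trace in a sandbox-like shape. The registry path, process name and
# PID are the ones listed in the report; every other event is invented.
SAMPLE_EVENTS = (
    [{"pid": 2168, "process": "AcroRd32.exe", "api": "NtOpenKey",
      "arg": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"}]
    + [{"pid": 2168, "process": "AcroRd32.exe", "api": "SetWindowsHookExW",
        "arg": hook} for hook in ("WH_MOUSE", "WH_KEYBOARD", "WH_CBT")]
    + [{"pid": 2168, "process": "AcroRd32.exe", "api": "GetForegroundWindow",
        "arg": ""} for _ in range(120)]
    + [{"pid": 4000, "process": "explorer.exe", "api": "GetForegroundWindow",
        "arg": ""} for _ in range(5)]
    + [{"pid": 4000, "process": "explorer.exe", "api": "NtOpenKey",
        "arg": r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"}]
)

# Matches the Language key under any control set (ControlSet001, CurrentControlSet, ...).
NLS_LANGUAGE_KEY = re.compile(r"\\Control\\NLS\\Language$", re.IGNORECASE)
REGISTRY_OPEN_APIS = {"NtOpenKey", "NtOpenKeyEx", "RegOpenKeyExA", "RegOpenKeyExW"}
FOREGROUND_SPAM_THRESHOLD = 100  # assumed cut-off; the real engine's value is not on the page


def system_language_discovery(events):
    """T1614.001: a process opening the NLS\\Language key to learn the host locale."""
    return [
        {"description": "Key opened", "ioc": e["arg"], "process": e["process"]}
        for e in events
        if e["api"] in REGISTRY_OPEN_APIS and NLS_LANGUAGE_KEY.search(e["arg"])
    ]


def setwindowshookex_use(events):
    """Each SetWindowsHookEx call becomes its own IoC row, as the report shows three."""
    return [
        {"pid": e["pid"], "process": e["process"], "hook": e["arg"]}
        for e in events
        if e["api"].startswith("SetWindowsHookEx")
    ]


def getforegroundwindow_spam(events, threshold=FOREGROUND_SPAM_THRESHOLD):
    """Flag processes that poll GetForegroundWindow more than `threshold` times."""
    counts = defaultdict(int)
    names = {}
    for e in events:
        if e["api"] == "GetForegroundWindow":
            counts[e["pid"]] += 1
            names[e["pid"]] = e["process"]
    return [
        {"pid": pid, "process": names[pid], "calls": n}
        for pid, n in sorted(counts.items())
        if n > threshold
    ]


def run_signatures(events):
    """Assemble a report keyed by signature name, mirroring the layout of the page."""
    report = {}
    hits = system_language_discovery(events)
    if hits:
        report["System Location Discovery: System Language Discovery"] = {
            "ttps": ["T1614.001"], "iocs": hits}
    hits = getforegroundwindow_spam(events)
    if hits:
        report["Suspicious behavior: GetForegroundWindowSpam"] = {"ttps": [], "iocs": hits}
    hits = setwindowshookex_use(events)
    if hits:
        report["Suspicious use of SetWindowsHookEx"] = {"ttps": [], "iocs": hits}
    return report


if __name__ == "__main__":
    for name, body in run_signatures(SAMPLE_EVENTS).items():
        print(f"{name} ({len(body['ttps'])} TTPs, {len(body['iocs'])} IoCs)")
        for ioc in body["iocs"]:
            print("   ", ioc)
```

Running the block reproduces the report's counts (1 IoC for the language key, 1 for the foreground-window polling, 3 for the hooks) while explorer.exe's handful of GetForegroundWindow calls and its unrelated registry open stay below the rules.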
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\51ed8d39c880b664c4113b528f3ac2a9_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2168
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5 4eeb81d29092edfd12f0aac8a3828d2a
SHA1 8e4b52e14336bcea678802190a313cda88419928
SHA256 3b36ef269619c31a4aed4b30c868823c1df4095468c0d5a5ab57dc8f7ec52493
SHA512 e467991048b3b1f7e8375ec93f86dfb01145ac8d7f45a532ec39e74e70b84e7aabfb8ae1ee463d606fe7c2bfe3df172fddfb1a709c00f65a0bc4fe09d866e18c