Analysis
-
max time kernel
96s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
18-10-2024 12:25
General
-
Target
576c1c27dac150c476aab5b04a2c0550_JaffaCakes118.pdf
-
Size
71KB
-
MD5
576c1c27dac150c476aab5b04a2c0550
-
SHA1
df4524fffbed379a7e16e410e1ed8c31900b8155
-
SHA256
055939d54906861ce15a072527097a4c83818faff475de233cf96b6dc983b145
-
SHA512
8b8960c7a9ddc200b4234980989e2841a03450d8f6a44baddcdfd6227294f3ed514e053da23b05e016f33ac8e01e1f600b74c8a2f8f81c0c95114200fc056e1b
-
SSDEEP
1536:F2fXlmpV6ubc21Q2uFmVx5DWSktvM/WOpOaZJFBF:JmudUF65kpMQaZJx
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\576c1c27dac150c476aab5b04a2c0550_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5c5797bf4de35277c1b917c5a786b572c
SHA1086dfd706ea4165dcba261e781a9a87319e0c3d4
SHA25632d3bf038ea1fd3df0f194f76867e408b3c96cb33aaaaa0781a48a73770a67fd
SHA51226de558e4cf6d0edbd4793c2f5b64dd18a891667a2facb59e0c9ed866e24e2165bf2a6bc4077416c3e7fbfc87748b44f3372dff7201686f33075ef83a30d2a0e