Analysis
- max time kernel: 120s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 24-11-2024 01:45
Behavioral task: behavioral1
Sample: 91de4646893dbff2bbe2e5beaff8eacc_JaffaCakes118.pdf
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 91de4646893dbff2bbe2e5beaff8eacc_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
- Target: 91de4646893dbff2bbe2e5beaff8eacc_JaffaCakes118.pdf
- Size: 76KB
- MD5: 91de4646893dbff2bbe2e5beaff8eacc
- SHA1: b47381727dbf38586d7d1ee2ebf623d84e6ade01
- SHA256: f4617cd97b544b2638d5269074ecf0b59cfff1a7d1cfb68922d92ecce8766bf7
- SHA512: 30784d789abd142df0c1a17c9152e905d5197a8f2230538c66ce849576667977c820afe756673c5f46e9a8eeab6dd6841b6955e86bb8195384381097f0e18b68
- SSDEEP: 1536:2u/cprSP81xPnKMi84eK8aaFOvQvolpw9A0Stbm1Dzc9ZLod:nG+e5rTFOvQAlpmA0StbIXc9Zu
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  Processes: AcroRd32.exe
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid: 2640, Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid: 2640, Process: AcroRd32.exe
  pid: 2640, Process: AcroRd32.exe
  pid: 2640, Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91de4646893dbff2bbe2e5beaff8eacc_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2640
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: d51fe71b67a606bf42214fb99c4a817f
  SHA1: 1f06e3cb4d9dc188d1e140671c6a10c877657679
  SHA256: 949456125d4f1d644a1fc9815295dd2d4c42472ef9aff8502d6cc2efa2eb6315
  SHA512: 4569b152ccd6427c7afb2f8423a855bff5590657985336ca19e8b1ca00a9e48426a319c46e93ca6b60388a80f57b6914d854552d44ab620b518ae5a3643b639a