Analysis

max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 24-11-2024 01:52
Behavioral task: behavioral1
Sample: 91e6b0628ba45c91648d9db16f4863c2_JaffaCakes118.pdf
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 91e6b0628ba45c91648d9db16f4863c2_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General

Target: 91e6b0628ba45c91648d9db16f4863c2_JaffaCakes118.pdf
Size: 79KB
MD5: 91e6b0628ba45c91648d9db16f4863c2
SHA1: b052d9a1e3c07704e958e3857bf57d3f99dbb60b
SHA256: cb5546aa9050bbfae757b5da547639dc7fa3184abaa1a2d280a045fbef1cdf34
SHA512: ee8670bd25bf9b93c6cf9d51c2417f966f22fb5806f86a37bf6bdad290f63754f7576e726c211bbf415f60c5e9adc98abd2401df7a63608bee1c82f4b9433e5a
SSDEEP: 1536:gQfQJNMp6XCFPwMoBUNVj9deHigMwL1J8tZR0VOkkTIUEa3Gogpw1Sn+DhfY:pfYNi9fniYZ6OkkDhG7w1S+C
Malware Config
Signatures

- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description | ioc | Process
  Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe

- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid | Process
  2872 | AcroRd32.exe

- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid | Process
  2872 | AcroRd32.exe
  2872 | AcroRd32.exe
  2872 | AcroRd32.exe
Processes
- Path: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91e6b0628ba45c91648d9db16f4863c2_JaffaCakes118.pdf"
  PID: 2872
  Signatures:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads

- Filesize: 3KB
  MD5: f543b1f93ea43793f2ec4a0951b65ab7
  SHA1: a3dff3e576bef68f520a6ab6c2fedf9d3a101c6a
  SHA256: 68287edf0dbe2f7f11d359578ef43aef7859de1d7c62856e2585cb449bd85a10
  SHA512: e4a1bb277ed0afbbfdf55b72e3d47f8b4344eb430734b9fe6d3988ee3decf268a5cbe7832cae70479f9b6424c6927825c789673c27980579e60c2538992c3c2b