Analysis
-
max time kernel
119s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system -
submitted
24/11/2024, 01:56
Behavioral task
behavioral1
Sample
91ea94750d304f5ac0cd3ff98e011155_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
91ea94750d304f5ac0cd3ff98e011155_JaffaCakes118.pdf
Resource
win10v2004-20241007-en
General
-
Target
91ea94750d304f5ac0cd3ff98e011155_JaffaCakes118.pdf
-
Size
66KB
-
MD5
91ea94750d304f5ac0cd3ff98e011155
-
SHA1
8ff8a137e192b2f0f1e93e43d41e14539524ce31
-
SHA256
4e16ba03e740ac18835fc8658f99668805fee9438af2fb16ffe56a98394623b0
-
SHA512
a132ce2441b718f76059510d3b566ce234cf7cd061cbf54a9e426dc08a81b455e747817569345ddedd07d30957406efe0cd07e56c58efbd5f31b4c6a7fb666e8
-
SSDEEP
1536:D7XrhXvlR2yTO2hlim0yBj7yQkz3IO/KM79aj6hgncll/BfEj:jhXvlR9TTLBjs0OBwGhg+l/u
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 1120
Process: AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 1120 Process: AcroRd32.exe
pid: 1120 Process: AcroRd32.exe
pid: 1120 Process: AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91ea94750d304f5ac0cd3ff98e011155_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1120
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
dbc2417ff8394cf9635103059a2013a0
SHA1
03fe137ca999d76f4101f02e69bc25da6dd83764
SHA256
b6e6832e2dc8418159e3098af8fbc4143d415ea2666faf4a645610032278db46
SHA512
4c8146c3adc919a81413e2b793ecfd7d56bce1bfcb98e4aa2f3ed3e0ac333b6924133030a7bf6af403424e769bd231ac55a086110e6e561c8e6c01020ea4d3e7