Analysis
- max time kernel: 119s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 24-11-2024 02:03
Behavioral task: behavioral1
- Sample: 91f2f4767e876985786a49c093bb0101_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 91f2f4767e876985786a49c093bb0101_JaffaCakes118.pdf
- Resource: win10v2004-20241007-en
General
- Target: 91f2f4767e876985786a49c093bb0101_JaffaCakes118.pdf
- Size: 73KB
- MD5: 91f2f4767e876985786a49c093bb0101
- SHA1: 30d72fdcce12747cb6a4ce7bb1aaf658bec7b8e0
- SHA256: b4718f1ec260bb11e21e2e03640483e76343aa4382580e8fd8f381caadbb948b
- SHA512: 549af8c30723ff02c5cb64e41a5379c69a7ee846c15e4536eb0c70fe99fd2393fb6d485af396d95709af8743552770fdada83607b5e6637d1af6accb8c5c126c
- SSDEEP: 1536:CWD1zpZfWkSjQl7s+m6PIxLnIOr04pjh+/yUTkhcbwoyhGj:rD1zpE+s+YL/g4R8aUTkGlyc
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 584; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 584; Process: AcroRd32.exe
  pid: 584; Process: AcroRd32.exe
  pid: 584; Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\91f2f4767e876985786a49c093bb0101_JaffaCakes118.pdf"
  PID: 584
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: fc876087086165cb3b9142312d7d9aa1
  SHA1: 8a1b54b20a12c5f98c175313d12c4a95066e1e61
  SHA256: 04d4ebe8938e9020f5fe22054a7cace569999a3168cc6b56b82e23b4fb94903a
  SHA512: fdd10f90092264fb3c7779bb9a6de207d6573af0ad2bfc610f912bc77e4a84a726ef02d95718a73a7ec783e1c58ac536335f2c4d30561cdb99691c17eabfb47b