Analysis
- max time kernel: 122s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 08-12-2024 14:50
Behavioral task: behavioral1
- Sample: d79a0326db1a6b9972c922d272fbed69_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: d79a0326db1a6b9972c922d272fbed69_JaffaCakes118.pdf
- Resource: win10v2004-20241007-en
General
- Target: d79a0326db1a6b9972c922d272fbed69_JaffaCakes118.pdf
- Size: 94KB
- MD5: d79a0326db1a6b9972c922d272fbed69
- SHA1: b858fec85a713fe2445a9a4901699b9ec2abb2cc
- SHA256: 7eb38eba6761d3ea93622b5debd74feb1e3e8ed6c99b704df55c7aabf5b239ab
- SHA512: 5ddc9973d2c2a8d9fb4662ae6c890434610c74e63c9b1bca415a1379a9f4d0a4e0dbfc8a2cf520b296e573721b56588961a4163e2ceaa58c429685faa02b1986
- SSDEEP: 1536:GlzdjuuVo3YbyZ9RzjHTcYdmmnc6t3gM1kVsJYDW8pOGF/ORIWPRAzQvzim4+Uc7:GzdjDVicyZ7Ybmnc9WiSYqGFGRfqQvzn
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 2204 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 2204 | Process: AcroRd32.exe
  pid: 2204 | Process: AcroRd32.exe
  pid: 2204 | Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d79a0326db1a6b9972c922d272fbed69_JaffaCakes118.pdf"
  PID: 2204
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: f52affba58a6aba1343be5f7c81fb715
  SHA1: 68c5fd2a2752bdcc717f66f991b0b1fcbd563439
  SHA256: dbcf2a52ff4937c25c4c25c55a2a6c3d3a85d3770d4462294f777cbc6d1e6ce6
  SHA512: d9cd3e5a132f03420a10c04026eb0dca45d80c9ff462f7c82bcf66e20834b5bd2af6eec53bf0843e6f748b66b36544a47ff9b7f25bc2e07c764fd6338dc0173e