Analysis
- max time kernel: 117s
- max time network: 117s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 08-12-2024 14:56
Behavioral task: behavioral1
- Sample: d79f8aca88981a252374b7ca0b0e2ef6_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: d79f8aca88981a252374b7ca0b0e2ef6_JaffaCakes118.pdf
- Resource: win10v2004-20241007-en
General
- Target: d79f8aca88981a252374b7ca0b0e2ef6_JaffaCakes118.pdf
- Size: 78KB
- MD5: d79f8aca88981a252374b7ca0b0e2ef6
- SHA1: bb98bd83c8dbdc040cfa9c71d79aae2a45c258ff
- SHA256: 0933c8fbf4e093d9997abfbe5be3b9f4ca74aa13593596aacb8dbf200b99919f
- SHA512: 861dc60ef7825106a12e257f972710fa1ca1d913d823cfabfc5288185526d42d86633a2c3f4de13d4ea6ffbc4cbdefb119c88f4d3cb586591bbb579baf9732ec
- SSDEEP: 1536:FvA4kk5nFVVGe7Ahi4dCY0n+A4LqtDbB+NyRDknDgXjkuB4muPYzlSnhFNxV:JAJkRAecs4A5cLqtHknD6j/pbxSnbd
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description | ioc | Process
  Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid | Process
  2168 | AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid | Process
  2168 | AcroRd32.exe
  2168 | AcroRd32.exe
  2168 | AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d79f8aca88981a252374b7ca0b0e2ef6_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2168
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 01c1ccc6ad3ea98bfa2dfa9792db9ef1
  SHA1: 51193208386ce0c60ed7f9a211e61612297f528a
  SHA256: 3ad0b11e6bd2f47ab7238f9c1d01c4021b61fa824c41fe473addba08a852f07e
  SHA512: f9984b1fca75fc5672e70338e36bdbba3c85f7813d545dbf403f8334d657099319daa21e60180ef605b76479deb794b5b3d5772ac6effeed820a806bdbc11ac4