Analysis
max time kernel: 94s
max time network: 16s
platform: windows7_x64
resource: win7-20240729-en
resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
submitted: 08-12-2024 15:01
Behavioral task: behavioral1
Sample: d7a4972a35bf095a50be7b2f6c5d5be0_JaffaCakes118.pdf
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: d7a4972a35bf095a50be7b2f6c5d5be0_JaffaCakes118.pdf
Resource: win10v2004-20241007-en
General
Target: d7a4972a35bf095a50be7b2f6c5d5be0_JaffaCakes118.pdf
Size: 91KB
MD5: d7a4972a35bf095a50be7b2f6c5d5be0
SHA1: 21c1b67e635573456225a65edfdeef07115e8db7
SHA256: 7f819c6b11382491131da2b1e599c2b5fef52e7ee4c4e2be9961831c76d3dd1e
SHA512: 245aa5b6e6e368f098917caff747641a567cd41fc1d138c1c0f7f6a5e0eecbb5f5f6d0009e5066ae73f80f60ed2464f4deb659dab7d511ae025b69c9d7b131a2
SSDEEP: 1536:svg1cUWFNS1vTR9Ch9JBmrKF3o7b3bOQPgG+KQNXPEDYrz/x8SIOm9Gj:vWPS1LRktAKhcb37PgBNXPEDYrzp8SnZ
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 1744, Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 1744, Process: AcroRd32.exe
pid: 1744, Process: AcroRd32.exe
pid: 1744, Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d7a4972a35bf095a50be7b2f6c5d5be0_JaffaCakes118.pdf"
PID: 1744
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: a736494338c413f10212613f65499ca5
SHA1: 072526ad63b9af79f3de9ebb8245c4e92b68bbc2
SHA256: 4152fd7706bd2c4406621ec63e9d74d0b9230ac49cd7b4eabe49b2fe6024523b
SHA512: 97a5ffb9768bf5f68688adc8cd69a171c470ba961641c8c9789cae305769cb72c5c2ac96f6c5da98ddb3ff13b69f4574bd394a9e75365996a8b8fbd0f84a6ca7