Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
08-12-2024 15:11
General
-
Target
d7af68107dc0372a3ff7df7721df89e2_JaffaCakes118.pdf
-
Size
80KB
-
MD5
d7af68107dc0372a3ff7df7721df89e2
-
SHA1
686570520a489aae50f8d98e223d58917ae34db4
-
SHA256
9fe403acbd10a03c32e402b2f2b3a5b6ecc2a602dbd7aefa8ed9b0a9ac8a5969
-
SHA512
718fbdf66821e2e4ddfc66a727dfea4be0dbe7d83461548a581470080c48903f93a2c92bab21a0eee3a58edca082a12245eddf13ea1845a8ef1cec67d99fa1e6
-
SSDEEP
1536:st8IGbu1pKja3btcsZJfdI4zEi09bvpSs6+pXIpvBWHO2I9aZoIrGYPr2W8pO7V9:+8IHyjaSIZW4Yi09bRSs6OXQvEO1NItF
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d7af68107dc0372a3ff7df7721df89e2_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD56df67ece4bb85df7ab22330d0ff46e8b
SHA1915650879e1c6682e51a856bb4f9fa99ecc8ec05
SHA256bdb853829f0749a991b09670a551c7b7f955dcbefee0903972b5f650fb30923d
SHA512962e325b1431915c07c885d26a7151f6024b16494d81b6c32e197e91bcf339987a04750eacc6bd1233388663bdc47fac6b4cc592cc5ffaf8d495ad7511452177