Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system -
submitted
08-12-2024 15:23
Behavioral task
behavioral1
Sample
d7bbe5c4889bc18a9db65ebd14fa0623_JaffaCakes118.pdf
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
d7bbe5c4889bc18a9db65ebd14fa0623_JaffaCakes118.pdf
Resource
win10v2004-20241007-en
General
-
Target
d7bbe5c4889bc18a9db65ebd14fa0623_JaffaCakes118.pdf
-
Size
99KB
-
MD5
d7bbe5c4889bc18a9db65ebd14fa0623
-
SHA1
3454c82ed44d8f4eb804358a98b16976ca9c5832
-
SHA256
791b69ee5f78b0d05d3983c6542121e2d23b032630b1f758ae3bcd10d251b5ed
-
SHA512
f5d4b2668d4a814eea548ab3308d3bc40a4b5d5a3ab12ec70a44c45fc6e0e341c56886204debe8f6518197a196d5506614f323b3be03da734214156e7092f946
-
SSDEEP
3072:h39AyMtvZe3AnTklBmH6qjSufB/7+iCzTEAWCY:hCtvsUYfmaq/BD+iQo
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid | Process
2084 | AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid | Process
2084 | AcroRd32.exe
2084 | AcroRd32.exe
2084 | AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d7bbe5c4889bc18a9db65ebd14fa0623_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2084
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
ed1041b9bbf469d4d806410d407bc82c
-
SHA1
7a29e41d725ec9b58aeda07817359469c551fc23
-
SHA256
554b3d23a36f4a209aa4f05bff189cc056832cb76eb60f9f9f1e91a271e5ce77
-
SHA512
f4b10bdf3197b1f0c666a7adb3aa5dfdf93b19c785f0cb1daa607adf349def2f04d9721e5aa38c40de33482b2f877672ef54f1bba1592499b5d078866f123683