Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system -
submitted
25/09/2024, 19:16
Behavioral task
behavioral1
Sample
f6afb8cb5da38b93e91a1d5552e29f47_JaffaCakes118.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f6afb8cb5da38b93e91a1d5552e29f47_JaffaCakes118.pdf
Resource
win10v2004-20240802-en
General
-
Target
f6afb8cb5da38b93e91a1d5552e29f47_JaffaCakes118.pdf
-
Size
34KB
-
MD5
f6afb8cb5da38b93e91a1d5552e29f47
-
SHA1
5ef17e8cec2b490c5cc40543a87f15b7fd10863a
-
SHA256
3796305ec19e32a4b59cbbc18f4c3cfb801258634143d2c3a3411a01454dd820
-
SHA512
4ead40eab1fd5b2c28a5bcf3ce4ecadcd0e32b5ab6cf21c4268dd3338c20957258c241a2bb64330fd54e11cdcc78982b6a94349a51f24b9e0d7b2dcdf71c939c
-
SSDEEP
768:xBBbzR8/fxI4IqHXft8oBYUAJ1uhe2x1GaVlVo1iy13P6VzhE5nXuMZmwgCLWary:hbzRoa4XfbBYv1uhe2x1GslV2iy13P6H
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 684 Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid: 684 Process: AcroRd32.exe
pid: 684 Process: AcroRd32.exe
pid: 684 Process: AcroRd32.exe
(three IoCs, all from the same process)
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f6afb8cb5da38b93e91a1d5552e29f47_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:684
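As an added example (not code from the sandbox or from this report), the three signatures raised above can be expressed as plain rules over a process behaviour log: a registry open of the NLS\Language key (the ATT&CK sub-technique T1614.001 named in the signature title), one IoC per SetWindowsHookEx call, and a per-process call count for GetForegroundWindow. The event line schema, the constructed sample events and the spam threshold are assumptions; the registry path and the AcroRd32.exe process come from the report.

```python
# Added example (not the sandbox's own rule set): replay behaviour events
# through the three signatures this report raised. The event format, the
# sample events and the spam threshold are constructed assumptions.
import re
from collections import Counter, defaultdict

# The sandbox does not publish the threshold behind GetForegroundWindowSpam;
# 100 calls from one process is an assumed cut-off for this example.
FOREGROUND_SPAM_THRESHOLD = 100

# HKLM\SYSTEM\ControlSet001\Control\NLS\Language holds the installed UI
# language; opening it is the IoC behind T1614.001 in the report.
NLS_LANGUAGE_KEY = re.compile(r"\\Control\\NLS\\Language$", re.IGNORECASE)

SIG_LANG = "System Location Discovery: System Language Discovery (T1614.001)"
SIG_HOOK = "Suspicious use of SetWindowsHookEx"
SIG_FG = "Suspicious behavior: GetForegroundWindowSpam"

# Constructed sample events, "pid|process|kind|detail" (an assumed schema).
SAMPLE_EVENTS = (
    [
        r"684|AcroRd32.exe|regopen|\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language",
        r"684|AcroRd32.exe|api|SetWindowsHookEx",
        r"684|AcroRd32.exe|api|SetWindowsHookEx",
        r"684|AcroRd32.exe|api|SetWindowsHookEx",
        r"1200|explorer.exe|regopen|\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
        "this line is malformed and must be skipped",
    ]
    + ["684|AcroRd32.exe|api|GetForegroundWindow"] * 150
    + ["1200|explorer.exe|api|GetForegroundWindow"] * 5  # stays below threshold
)


def parse_event(line):
    """Parse one 'pid|process|kind|detail' line; None for blank or malformed input."""
    parts = line.strip().split("|", 3)
    if len(parts) != 4 or not parts[0].isdigit():
        return None
    pid, process, kind, detail = parts
    return {"pid": int(pid), "process": process, "kind": kind, "detail": detail}


def match_signatures(lines):
    """Return {pid: {"process": name, "signatures": {signature: [ioc, ...]}}}
    for every process that triggered at least one signature."""
    per_pid = {}
    foreground_calls = Counter()
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        entry = per_pid.setdefault(
            ev["pid"], {"process": ev["process"], "signatures": defaultdict(list)})
        sigs = entry["signatures"]
        if ev["kind"] == "regopen" and NLS_LANGUAGE_KEY.search(ev["detail"]):
            sigs[SIG_LANG].append("Key opened " + ev["detail"])
        elif ev["kind"] == "api" and ev["detail"] == "SetWindowsHookEx":
            # one IoC per call, which is why the report lists pid 684 three times
            sigs[SIG_HOOK].append(f"pid {ev['pid']} {ev['process']}")
        elif ev["kind"] == "api" and ev["detail"] == "GetForegroundWindow":
            foreground_calls[ev["pid"]] += 1
    # The spam signature is a count over the whole run, so it is decided last.
    for pid, n in foreground_calls.items():
        if n >= FOREGROUND_SPAM_THRESHOLD:
            entry = per_pid[pid]
            entry["signatures"][SIG_FG].append(
                f"pid {pid} {entry['process']} ({n} calls)")
    # Drop processes that hit nothing and return plain dicts.
    return {pid: {"process": e["process"], "signatures": dict(e["signatures"])}
            for pid, e in per_pid.items() if e["signatures"]}


def render(results):
    """Print hits in the same shape as the report's Signatures section."""
    for pid, entry in sorted(results.items()):
        print(f"PID:{pid} {entry['process']}")
        for sig, iocs in entry["signatures"].items():
            print(f"  - {sig} {len(iocs)} IoCs")
            for ioc in iocs:
                print(f"      {ioc}")


if __name__ == "__main__":
    render(match_signatures(SAMPLE_EVENTS))
```

Run stand-alone it prints only PID 684 with the same three signatures and IoC counts as the report; explorer.exe opens an unrelated key and stays under the GetForegroundWindow threshold, so it is not listed. Note that all three hits here come from the viewer process itself, with no child process in the tree, which is the first thing to check before treating any of them as more than a behavioural hint.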
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
-
MD5
21b27c7f9454455424c13be6a02f0686
-
SHA1
07833024c1e0982345dcdcf327d05b59015e0b36
-
SHA256
c619f989490f86477a1bbaedc9dfb8bb7b92f75451f29996d55adff6478ddcf7
-
SHA512
6676c997994097dcc7b0b3cbaeb9a471f4a8d2fe792d54edb6236b0bac2887271e235568b01a93a1933f042bae2256d1b498c6af9ef118d7e48b658a2ec53985