Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
25/09/2024, 20:11
General
-
Target
f6c6fd3cb0b1f22eaf96692a15c3c4c4_JaffaCakes118.pdf
-
Size
51KB
-
MD5
f6c6fd3cb0b1f22eaf96692a15c3c4c4
-
SHA1
7abf1cee274bac280b5b71b6fa211c89f9521151
-
SHA256
e489e4ebb5d3e4a3f5df9c71ea88bd6c90426d35d2c85a9bb95fd4fc65ccc343
-
SHA512
9a0a1c61b30f43f55a049986b56cea3e847a1a2e93e0bc50cea034ca8a877022e7b27aed69a7b558faa4465c92a4cf7009abb0b7b3ac6075193868db5b3e3c7f
-
SSDEEP
768:dgGzpDXHVi2bq0ek8qI+OVexhQT88EztEC+X6NMEyFeIv1aeIcffxMuCoHXFJat:eGF7PbpI6hQT88CtEC/F1ItvhMZo3fat
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f6c6fd3cb0b1f22eaf96692a15c3c4c4_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5ad87abbab736f9155c22f2d9e6460de0
SHA185aa9a6cfe66a07cab738add2093cf8acb37ee9d
SHA256173e3fc75b5602eb6d9b6f10c5f6ac2e71f161dfc1047736269f17d923bef709
SHA5123a062e539ddb98136dbe74ca08f7d45fe861f2d958d855b7484733a0178a5625dcdd7f3045b3643caaa3038753f144dd946b6562f4517f000b8fdca1519a9bfd