Analysis
- max time kernel: 119s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 27/09/2024, 22:48
Behavioral task: behavioral1
Sample: fb0aeeb3b70472a6a88e18e50d60d6b3_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fb0aeeb3b70472a6a88e18e50d60d6b3_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
- Target: fb0aeeb3b70472a6a88e18e50d60d6b3_JaffaCakes118.pdf
- Size: 32KB
- MD5: fb0aeeb3b70472a6a88e18e50d60d6b3
- SHA1: 60c8b6d8eb750f4cb14e2f252e7fec67634cc0e7
- SHA256: 344b9db9bc33f89eff5507dd72429700e956e549da0d9dde2c65708cdf8c3306
- SHA512: 9052547762b88b09471919187502437e4704fd0fdf5b311cf66a7762824165331a7d34fedd1b9aad575304a076a9881fc9912216529313868689a77cdd0d9ea7
- SSDEEP: 768:Uf6yxMSRtws2KkcPKujZ6kLRLfX10rTuBtCUXD:DyxMWeKkoKujkkLlfaUtCmD
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
PID: 2704 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
PID: 2704 | Process: AcroRd32.exe
PID: 2704 | Process: AcroRd32.exe
PID: 2704 | Process: AcroRd32.exe
PID: 2704 | Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fb0aeeb3b70472a6a88e18e50d60d6b3_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2704
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: a25de934803c2db5c3578dc00ceb958a
  SHA1: 318804968894f16adfea47b24454c2c9f41e90b8
  SHA256: 46127d878661daccf2481539e1a59da3e57b62fe58a321a5a499a77acadbbcc6
  SHA512: 7134a3485d32f4a6b228e434b44803472bcef1a5f545abda59dab12c4b6f27a6ba9f838bd5812db6fcbf950631f51918e062c48ec7772fa29c677ab1df31d3b2