Analysis
max time kernel: 96s
max time network: 19s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 27/09/2024, 09:03
Behavioral task: behavioral1
Sample: fa1d0aa02f0ccc2bc4a03f460de9d594_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fa1d0aa02f0ccc2bc4a03f460de9d594_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: fa1d0aa02f0ccc2bc4a03f460de9d594_JaffaCakes118.pdf
Size: 40KB
MD5: fa1d0aa02f0ccc2bc4a03f460de9d594
SHA1: 32b62bec126c895d1cd21d1a6a4c5c442f5b4219
SHA256: a9b8af76b0560b5bf68a7414917418f8f6bacef52f17b1cce30e6373cdfd112f
SHA512: dc05ba8b1666f79b6a608aca27f4d00379f320dd6c698034d561944f32bebb00829ce6bf52ccdfd869516745708b9daa599fe6db4bebd6489de35a75267dd003
SSDEEP: 768:zgGzpDmOpecnVPaoscDIu0F2Z3jKhCQ5UoDmw6DGVGdV/M/+5kVTCua:MGFxpZeAQiamwyGVGdVd5kVWua
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2160 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2160 | Process: AcroRd32.exe
pid: 2160 | Process: AcroRd32.exe
pid: 2160 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fa1d0aa02f0ccc2bc4a03f460de9d594_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2160
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 84912c5077f61a0f110da3b960fe8c29
SHA1: 92b6cf0977618872c5f758c2d84223bb679676e1
SHA256: c2cffb33efa66dbf3f794823258fcaf7f9877f8c0bf3206fcd7e8ce0072de8e7
SHA512: 0b3f13222ce02482323f1cea669988ac3bef3a4395466c1972386eb2acbb3e69fd27e68ee846af1584ec4d396511518c61351f4c9654e462a7e1b53929c2bb33