Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 27-09-2024 13:06
Behavioral task: behavioral1
- Sample: fa750b6ff914f723cf90f28c4edb294e_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: fa750b6ff914f723cf90f28c4edb294e_JaffaCakes118.pdf
- Resource: win10v2004-20240910-en
General
- Target: fa750b6ff914f723cf90f28c4edb294e_JaffaCakes118.pdf
- Size: 39KB
- MD5: fa750b6ff914f723cf90f28c4edb294e
- SHA1: 4019424257d7334b0e828181c9608ae997224c1e
- SHA256: 80fab4be350da324cadaa06b361524f22d26cd216cff9273a4514f1d41de00b8
- SHA512: 959c4cbd0eb453e82be9d7c25e90235eced92c1f593449a54454861cad6933f0f083946e3ad957bfab55a3a1b3b82a9097389cb3d7b5e19087b810286236f90b
- SSDEEP: 768:5g6YJtLwscsz/mfCZSnwE/tSJ1MaVfV0iV1kP7YVpGNmyugDQFaeF62EJ7b918/q:QJ2szuSSdu1MsfV0iV1kP7YVpGNmyugd
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid 2152, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2152, Process AcroRd32.exe
  pid 2152, Process AcroRd32.exe
  pid 2152, Process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fa750b6ff914f723cf90f28c4edb294e_JaffaCakes118.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2152
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 8965873fe831fb0bdf4cab9727c157ae
  SHA1: d54aa6410d59a50f38774ffb5cb125d219aad471
  SHA256: f209956798c97e106fa24296351d1a561995ee225b78960ecf8f272526006dec
  SHA512: fbefa25f1373ee94420eeaa6379947c3b00e8f1d0664154cf2e34961fda65ea01237d958b74b55e126f487079afa9f39809bb917d77a405797c9802c28ed110a