Analysis
max time kernel: 119s
max time network: 119s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 27/09/2024, 15:43
Behavioral task: behavioral1
Sample: faaf0bb7dd163281fbf0dcfb73220044_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: faaf0bb7dd163281fbf0dcfb73220044_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: faaf0bb7dd163281fbf0dcfb73220044_JaffaCakes118.pdf
Size: 88KB
MD5: faaf0bb7dd163281fbf0dcfb73220044
SHA1: c794ce3dfb7382acdc779780bcadf6e16bff5228
SHA256: 502e1f3181c8014161eac39e41c075c4f42658aaa0389de21ba49d7173e5f8b3
SHA512: 7f31af5d50d7f1e28c1345a78c223761b28fa09f8f4dc3d9965dcd4230eadb953297e86644f52a9667909ce6f3a763b5ac861595684b16cdd532a8990c0e35d2
SSDEEP: 1536:8jfLO/grWVlGFdvHT836+cg+FugfKqKbQ6E4Yqhb9WgSWMKI7WapOtQ9mNvE3y:aQxq/Iq+czFugftKbfE4R1jVI0tQKJ
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
PID: 2832 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID: 2832 | Process: AcroRd32.exe
PID: 2832 | Process: AcroRd32.exe
PID: 2832 | Process: AcroRd32.exe
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\faaf0bb7dd163281fbf0dcfb73220044_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2832
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: ae5e8713a8a4aa91dd581a56b4d872bf
SHA1: bdae9b4a268ac5521f9e7e76905ac4cbbdf1e578
SHA256: cf2b78aeb726d073745c9b5df32f139287c893c3596a165e01587fb0e4d7d95b
SHA512: 91d8aea51888fc140f01588a190f5b6f2538ef36a3317b378c4f5ef1f36caf388f8ce9bf4948fbfc80ae8c9b2f91201bb80f853fa0c07b54f8b600723bb752f1