Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
27/09/2024, 16:13
General
-
Target
faba5d509dc6d8c058908a86e5c2cc18_JaffaCakes118.pdf
-
Size
35KB
-
MD5
faba5d509dc6d8c058908a86e5c2cc18
-
SHA1
1cc72a258bbd96c4b898cedba3585119116dec84
-
SHA256
1b5ae30e9b993ba310c7e1c3ea826e309ca3cdaa16e2e25ebc850fd21ec59da6
-
SHA512
3edaf9ddf0bc4f7f86af196e0361dc34a70f287668a369700dbea5b9eab8a585d3936cb414fb61ea18457f1d536dd1df1c49fd82fcac0755c9512be873324d1b
-
SSDEEP
768:CXuMZmwgCLWarpXVNHF1mEf0UqmEC6AhYoBj66yMScAH738qN:CXFZmGWSZHF1mw0UqmEC6AhYayQAHTDN
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\faba5d509dc6d8c058908a86e5c2cc18_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f3b178ed5084f318f73373cf2e7bfdca
SHA153b296d6af9f3386a7d7aac230190edf5b309aca
SHA25686fd75daddb9c404502e7892a5cf0c835e68e8cf4f7785f0aa01228a7e1b3c27
SHA51223a11f7853c15fc446bd238cff6f845a391ee68e71bdfda1582031e8a74dfa5fa2c58de8fdeded6ea7348bdedbfbe83d0f423ebc0a431df76c54376bb65ba4b0