Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
28-09-2024 01:37
General
-
Target
fb425bdce4eda9552ccb7918e03aa642_JaffaCakes118.pdf
-
Size
15KB
-
MD5
fb425bdce4eda9552ccb7918e03aa642
-
SHA1
8b6cb898268811bbc3c05efb322621220d9a440b
-
SHA256
2665f587a61acd4464af882c64fbd7f8af8fcbd0680e6d55b8b86a549bc82490
-
SHA512
3fd822e0d89629dac6c4d49c92e52bcaa58675d9611b766c8c600a272277fd20a5f43d75372051ce682590fdf3579b962f2358f79ec02f9a1f5df8404e31f948
-
SSDEEP
384:VznZ/gICz1vlECQ9nEltCJMho8PfiSd7lThpbt2iHcxol7Pbc3Hh3c2VSmQ2UW1a:VzZgz1tECQ9nEltQ2oyfBdZrbt2iu475
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fb425bdce4eda9552ccb7918e03aa642_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD575c56d5bfeb5a7cff30581ec60f2a97b
SHA16559b3fccc48d68fba6ec3333d7436d4378bb0eb
SHA25604444c9a817f12b8c18311687c5ecd0b10fc1b8182ce68b1f2937ae2a70c461a
SHA5129f0e67031b165b14ed30e63ce2a39721cf9fa44cdcb78fdb811b57c634432b030febdb462bdbb9b74f7042b9740993caee3b0440ea162748a4c0d83757927ff9