Analysis
- max time kernel: 120s
- max time network: 125s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 28/09/2024, 06:56
Behavioral task: behavioral1
Sample: fbbcb7bf686ea2fa8ebb978035b6f2a2_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fbbcb7bf686ea2fa8ebb978035b6f2a2_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
- Target: fbbcb7bf686ea2fa8ebb978035b6f2a2_JaffaCakes118.pdf
- Size: 361KB
- MD5: fbbcb7bf686ea2fa8ebb978035b6f2a2
- SHA1: 3e72292792773ea166aae06649400dc46c49f7f2
- SHA256: ca4efb5d9ff7888380acc7bef55f2c5ddd00b65c42eba0916ed990cece6b98df
- SHA512: 1bf1858a0c0704d74cf21f2bf8d07676c9765d5bc49315bfa55a9dee4222801093be5996f6b92ab2ed0d23db054890ff302885b4bbc6fcb5ec743c2db1842d11
- SSDEEP: 6144:TAPM4NKyXcXkiQzyymDwOd5QYIjmQLt2yv1e0yV95F4Sl0MyWXMUJSKHt464Vu9F:eMGoFQzaDwGaY4mTyA0u4SlpyWhAKHKi
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2720 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid: 2720 | Process: AcroRd32.exe
pid: 2720 | Process: AcroRd32.exe
pid: 2720 | Process: AcroRd32.exe
pid: 2720 | Process: AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fbbcb7bf686ea2fa8ebb978035b6f2a2_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2720
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
- MD5: 2c609e4392c204abd259871e7703a06a
- SHA1: b175a03b49d4b30bd06ad9e7ee78230a57bedf37
- SHA256: e99e3ead505fec0b071401a218cd33fbdabd8f1b1f1f0039ba99cb5d329ea173
- SHA512: 6fdd191ac5232b0bc11793f8b28fc30da22be3efb64964f178a0f3c0ef5b1af6bae2ef5185ac8eee4042cab8e0c49ae584ad81a14a76ceb45e36e559709c1060