Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
28/09/2024, 07:29
General
-
Target
fbcba8a4ba5d236aa05f28f02279691d_JaffaCakes118.pdf
-
Size
83KB
-
MD5
fbcba8a4ba5d236aa05f28f02279691d
-
SHA1
493916d0682b69a870138d656d9f2e329f8fdba9
-
SHA256
2611123c817ce3e47def492214057d7edb23111f72d3e749f84a7143c66c7e16
-
SHA512
c67222aea19aaf2eff0233c95b513437632bc70797685f0f59f9ccc8c043272f6428331ba50713f5b1a345a0f719eb28f9b16b1d417a352b39ab12175a127c62
-
SSDEEP
1536:dvrPTXr2QkMbHdkEaDAaUU+QmL5Seo9RF3i79Wd0VHMGXMWepOya/zxfDdUl:1r2QHHd1BaUUdmL5oRE7ywNXZyarW
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fbcba8a4ba5d236aa05f28f02279691d_JaffaCakes118.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD534b1d15fb812b3c2afbec5528468d0d1
SHA1f052519aadbd9758e891030051ce29cc0c8ee6d5
SHA256e5454da2dfd4d79a338643c77d6859505dc97cb1a30c61e20e106d422f243a54
SHA5122217e6671e5b06b7dabab8e6dff66a806e423cf71c0a24379f5465c5f5fda81c73cf9d1b7cdb795e4f36ac3418d2ac60753c24f53c295c39160d86b1ff18e7c3