Analysis
max time kernel: 118s
max time network: 124s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 28-09-2024 15:38
Behavioral task: behavioral1
Sample: fc9c69b68708dc15da8a11f1e08a506d_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fc9c69b68708dc15da8a11f1e08a506d_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: fc9c69b68708dc15da8a11f1e08a506d_JaffaCakes118.pdf
Size: 72KB
MD5: fc9c69b68708dc15da8a11f1e08a506d
SHA1: 41b7d2b9f6445b2f1d85019b6b156b84b8c623e2
SHA256: a3f21c1d454234de19ff751bd765b0be05587017dd9be225f16afe32735c1eca
SHA512: 7d39c9725b46768222d6a9497e8c4b31e9ac779f4ef5a58dfa1f7de4d7cbfb97e49a9992d084818ffb5b1aec80760abb008e072ab182addb6ba444160d0993e2
SSDEEP: 1536:+Fom8LTUBix+KjtskPbE7Lgu/paWsHPlfIx8gRwBEqbtl3rbkoiqWDmix:SIyS+6skPbQLgucRCmDTbtdr/i5vx
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 1960; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 1960; Process: AcroRd32.exe (3 IoCs, all from the same process)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fc9c69b68708dc15da8a11f1e08a506d_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1960
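The System Language Discovery signature above is raised by a single registry read of the NLS\Language key, which localised applications such as Adobe Reader also perform when opening benign documents, so on its own it is weak evidence. The following is an added example, not part of the sandbox report or of any vendor's code: a small Python detector that normalises the key spellings seen in Sysmon and sandbox output (HKLM, HKEY_LOCAL_MACHINE, ControlSetNNN versus CurrentControlSet), flags the read, and scores it low for expected readers and medium otherwise. The RegEvent record, the EXPECTED_READERS allowlist and the SAMPLE_EVENTS list are constructed assumptions; T1614.001 is the ATT&CK ID of this sub-technique.

```python
"""Added example: flag System Language Discovery (ATT&CK T1614.001) in
registry-access events. Event records, allowlist and sample data are constructed."""
import re
from dataclasses import dataclass
from typing import Iterable, List

ATTACK_ID = "T1614.001"  # System Location Discovery: System Language Discovery

# Canonical form of the key the sandbox reported (upper-cased, CurrentControlSet).
LANGUAGE_KEY = "\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\NLS\\LANGUAGE"

# Assumed allowlist: localised applications read this key on every start, so a
# read by one of these is scored low; the signature alone is weak evidence.
EXPECTED_READERS = {"acrord32.exe", "winword.exe", "excel.exe", "explorer.exe"}


@dataclass(frozen=True)
class RegEvent:
    """One registry access, in the shape Sysmon event ID 12/13 or a sandbox log gives."""
    pid: int
    image: str   # full image path
    key: str     # target key (or key\value) in any common spelling
    op: str      # "open", "query" or "set"


@dataclass(frozen=True)
class Finding:
    pid: int
    image: str
    key: str
    technique: str
    severity: str  # "low" for expected readers, "medium" otherwise


def normalize_key(key: str) -> str:
    """Map HKLM/HKEY_LOCAL_MACHINE to the kernel \\REGISTRY\\MACHINE form and any
    ControlSetNNN to CurrentControlSet, so one comparison covers all spellings."""
    k = key.strip().replace("/", "\\").upper()
    for prefix in ("HKEY_LOCAL_MACHINE\\", "HKLM\\"):
        if k.startswith(prefix):
            k = "\\REGISTRY\\MACHINE\\" + k[len(prefix):]
            break
    return re.sub(r"\\CONTROLSET\d{3}\\", r"\\CURRENTCONTROLSET\\", k)


def is_language_key(key: str) -> bool:
    """True for the NLS\\Language key itself or any value/subkey beneath it."""
    k = normalize_key(key)
    return k == LANGUAGE_KEY or k.startswith(LANGUAGE_KEY + "\\")


def find_language_discovery(events: Iterable[RegEvent]) -> List[Finding]:
    """Return one Finding per (pid, image) that touched the language key."""
    findings: List[Finding] = []
    seen = set()
    for ev in events:
        if not is_language_key(ev.key):
            continue
        image_name = ev.image.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if (ev.pid, image_name) in seen:
            continue  # the sandbox counts one IoC per process; do the same
        seen.add((ev.pid, image_name))
        severity = "low" if image_name in EXPECTED_READERS else "medium"
        findings.append(Finding(ev.pid, image_name, ev.key, ATTACK_ID, severity))
    return findings


# Constructed sample: the AcroRd32.exe read from the report above, plus an
# assumed dropped executable doing the same lookup in a different spelling.
SAMPLE_EVENTS = [
    RegEvent(1960, r"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe",
             r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language", "open"),
    RegEvent(1960, r"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe",
             r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0\Installer", "open"),
    RegEvent(2244, r"C:\Users\Admin\AppData\Local\Temp\update.exe",
             r"HKLM\SYSTEM\CurrentControlSet\Control\Nls\Language\InstallLanguage", "query"),
    RegEvent(2244, r"C:\Users\Admin\AppData\Local\Temp\update.exe",
             r"HKLM\SYSTEM\CurrentControlSet\Control\Nls\Locale", "query"),
]

if __name__ == "__main__":
    for f in find_language_discovery(SAMPLE_EVENTS):
        print(f"{f.severity:6} pid={f.pid} {f.image} {f.technique} {f.key}")
```

Run on the constructed events it reports the AcroRd32.exe read as low (expected reader, matching the single IoC in the report) and the assumed update.exe read as medium; a real deployment would raise the score further only when the same process also shows other discovery or a dropped-file origin, which this report does not.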
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: bdfaea907f42a54ad6d42f92be2a56b2
SHA1: 79e267f59c83d7512890ae99d92e3d157f92fca6
SHA256: bc66b1f171f29c1caf9f1653753cdc6e8875c4fb3293a04c1f654b707f712eec
SHA512: ec120f5604000cbcaae4dca944103a7343b558c2ba1983a890abc1210fa210becae32656269c3968c9319a2b5a833ff708e57b53e7f9a20737b3472a0267eb63