Analysis
max time kernel: 120s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 28/09/2024, 15:10
Behavioral task: behavioral1
Sample: fc90ae5ef1d3ac626b827cc96de443d3_JaffaCakes118.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fc90ae5ef1d3ac626b827cc96de443d3_JaffaCakes118.pdf
Resource: win10v2004-20240802-en
General
Target: fc90ae5ef1d3ac626b827cc96de443d3_JaffaCakes118.pdf
Size: 84KB
MD5: fc90ae5ef1d3ac626b827cc96de443d3
SHA1: 9d35bb75586e1211835d14cb9a466cfbb5b0a1be
SHA256: 7b85b40e053b40777e9803f1c1553539ec941c0799c4a738a33f25add4711ede
SHA512: d7afa7e8c3837c15654f961933fa1dd02720a26da591e8caeba4d2b2d7bb0a595a6767cd940dc0aa1a19a2383702e5f3271888e6d763ce67755a3145e602d00c
SSDEEP: 1536:e4XIEiJmY2+9ON6ynaj3p/n91V/lNJcLBTu8FrgXWwpOSMOoRoWz/QkySSolG5:HjgyN6CAlVJctTu2PSMdRjHOoO
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2076, Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2076, Process: AcroRd32.exe
pid: 2076, Process: AcroRd32.exe
pid: 2076, Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fc90ae5ef1d3ac626b827cc96de443d3_JaffaCakes118.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2076
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 4b09f17dcedab27fc0486a8a7f49af1a
SHA1: 1994be4bc4f68979f217149294618c69e25e880d
SHA256: 0a89bc76ffd6933c6599ea7ac801bf29ada819431b5240d986e33e43825ab9cc
SHA512: 4f642f7577925a4205d48462173c0f591388dbc857d30c6519564d1ca31d3e3aca2c60a73a34e65ea32a92baefc01059f2d4a30affdc6ffb1f95317d14de810c