Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 15:10

General

  • Target

    fc90cbf46902787d9778fe480d7bc902_JaffaCakes118.pdf

  • Size

    22KB

  • MD5

    fc90cbf46902787d9778fe480d7bc902

  • SHA1

    dc022ab8c4bcea51e374865bff8710997a6a5b64

  • SHA256

    7ab89cbfa5d6d4747ac78f15542f67565417eb037d87d4f2118868c5994fd2a9

  • SHA512

    4c00d226f4131a0b2fcfd827a300bc11f87ec30b3b87c1615b374ca1f52682524efab2e236736bf7f050e8e139fdf08feaec187f8a424cff4e10d318068c4e09

  • SSDEEP

    384:Vzdd9womwOI/ez1+9TuU3HejO525cZajMqL6HYIYHYzlSdha9Ib26bmYlV2qIYzm:VzSoHHmz1nU3HejOQ5eaQu6rYilSdSIe

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fc90cbf46902787d9778fe480d7bc902_JaffaCakes118.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2396

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    176bd6e1e35d8085a3524212dd023595

    SHA1

    8d82efde589c528fd065befccd12d611afac8503

    SHA256

    4bb4925adf0c653223faa4060d79ddf89336e7e59016e16cb4baf81abf434e09

    SHA512

    46f777e7e5ca8bd698a07e3feef1de0ac9dcb46e40533772b2efc4f3858a76d0c0d7908bd25bda999a749abb4c38bc9e98f19310b7090bb0f59e5b32ac7c6a84