Analysis
- max time kernel: 122s
- max time network: 126s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 28/09/2024, 16:05
Behavioral task: behavioral1
- Sample: fca8b02bbe0c722ed0a37f2310cd5cd7_JaffaCakes118.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: fca8b02bbe0c722ed0a37f2310cd5cd7_JaffaCakes118.pdf
- Resource: win10v2004-20240802-en
General
- Target: fca8b02bbe0c722ed0a37f2310cd5cd7_JaffaCakes118.pdf
- Size: 46KB
- MD5: fca8b02bbe0c722ed0a37f2310cd5cd7
- SHA1: 8af5601fcee6374546324b6be1dd5f3dec3cee07
- SHA256: 310c7e9eae3501440c87cc1c313e482d98ec70a914c03c3c027fa6db8a775116
- SHA512: f3b4e6d24b1bb78ca0b5615837d0b33739a5fe6aaa7dcea4b241460b91eff00ebad1c0ff1381d082603c55bd937d672d5b108a147e51d61468966595715e8a8d
- SSDEEP: 768:iVIa8PxKRTynEl+qYQY8tc9FPGUgqboyzWEh0sZVBLZM+4FBZ2:iVxqsRNaLPGKboS0GLP+Z2
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid: 2736 | process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  pid: 2736 | process: AcroRd32.exe
  pid: 2736 | process: AcroRd32.exe
  pid: 2736 | process: AcroRd32.exe
  pid: 2736 | process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fca8b02bbe0c722ed0a37f2310cd5cd7_JaffaCakes118.pdf"
  PID: 2736
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 0d72ac07c0b97156bae4d121cb13d53b
  SHA1: 105babef8ba615fc1beb2b52235d78f0c0810bdb
  SHA256: 5208fe8bd14b51abf4b40cb6b2be5fa4641c3448b544b7b8da08b95a56608753
  SHA512: eabc3d356032a1b7dad64730dd713b713b8bc69a37155f6db8383f746d385dfa1265cc391ebdfdcdf3cf963b48347a5294087fc6ed3ac01f8c12be41f3ef6962