Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 11-01-2025 06:41
Behavioral task: behavioral1
Sample: JaffaCakes118_f9cb6ad7bd89f7baca9f9c8e5b3fbb9a.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_f9cb6ad7bd89f7baca9f9c8e5b3fbb9a.pdf
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_f9cb6ad7bd89f7baca9f9c8e5b3fbb9a.pdf
Size: 80KB
MD5: f9cb6ad7bd89f7baca9f9c8e5b3fbb9a
SHA1: 9b9681d1edf7e91c9df89195b5a4738c28732816
SHA256: 6808295c20c504a890bc9b6d38e51c62a6c5ae91808c345b3809e984dba5d884
SHA512: 1549ebaeab44263fa0f30fe0eb7a38c99538007ce762bf8769e9365703f6b5b801c5721c0d5b8067d0ee12aaa77cfa87e7b5af53e7b024900f9a0765cedcfc93
SSDEEP: 1536:4L0JFQLWBLrtUlAJoZVwanqPcOwy5sZWcZ/xA9D6TkkLvW8pO78P1:F7HUlMEwaqPcOoNxADMnLi7C
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2280; process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2280; process: AcroRd32.exe
pid: 2280; process: AcroRd32.exe
pid: 2280; process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f9cb6ad7bd89f7baca9f9c8e5b3fbb9a.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2280
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: f062f7aeaef71399c16b6b230d0ebe9d
SHA1: a1c6f2b1e07370264a884c4d6f742fb10010a71f
SHA256: 70d295c75a30068be9a941794bd9b05abc7676ebb6ef56a740682afb34fee246
SHA512: 7cfeb2b5080e665c714b00dac6deb60a1a988847d128463772e9aeec68ba67a4c65e3f6e6c578ec148c623d01d3d05534897f8e85946f1ec2489fb5988d144fe