Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
11-01-2025 06:41
General
-
Target
JaffaCakes118_f9cbd2de0f385de53c37ee6488f9c38f.pdf
-
Size
88KB
-
MD5
f9cbd2de0f385de53c37ee6488f9c38f
-
SHA1
bfe555f4c3bb4126dc3e6bf11d44e073c5d9ae0d
-
SHA256
fe94cbcbbe6bfb99a97d6ff82d7328e3757a6a4fdba4dcbfbb4e460c5d0f1f01
-
SHA512
2cef91eb9acbec4f1b042ca71b1e15d252e51527298bfba6a9115bb07cd323c666eef5b9f70a4a58eca9e2854d67e93bad9bb7a897ce6b2ab354fcdc00ec61b9
-
SSDEEP
1536:8EqoPPdLi1RHv1Tzy3w+bCjXAzmVW2S2ilLxfJHci3WcJTdxWmnwRaBrcLuoMW84:lqEcRv1/yA+bwXKJFxLxxcJyAErAuoHF
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f9cbd2de0f385de53c37ee6488f9c38f.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5539ddbacf19d56948399021f84f50631
SHA1b4a80fea66c1f1e1994cd72845dc6aa9473715e2
SHA25686b07a8dcfb0c84d37ba53c297552f17e78af0d56a2343b9b153e8994b77e463
SHA5127bbc89e68bb417581550940b81393e103bb22bb409a6cde1da36c073e15ec36b5b3c91188654ae89c069c5e65a760c162b54d7053098ab26910101c9d45fdb05