Analysis

max time kernel: 96s
max time network: 19s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 11-01-2025 06:44
Behavioral task: behavioral1
Sample: JaffaCakes118_f9da20fcd7253f906ec9f17a5bf42adb.pdf
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: JaffaCakes118_f9da20fcd7253f906ec9f17a5bf42adb.pdf
Resource: win10v2004-20241007-en
General

Target: JaffaCakes118_f9da20fcd7253f906ec9f17a5bf42adb.pdf
Size: 70KB
MD5: f9da20fcd7253f906ec9f17a5bf42adb
SHA1: 4736d05ccb20aeebfc0214032b14a7147124cce4
SHA256: e404cfbc733db2bc15abfc909d5a8b7d27929eb7c208179bfcdd869ff556a1fc
SHA512: e7800ad6f9b9d1f8a125ee49a603335b615710cdb83f08773795bdd1bfc4b671f999615514c7d919db34505bf9ffa1fc629670620d2b64bef22d477712e9f35a
SSDEEP: 1536:47dFNKCptTPXQv45R/BKB4uMZsIrG3WfW88EeW8pO7Z9HG9FufO:MjN1zPa45vKB+sG3T8Ed7XG9cW
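Before relying on this report for a file you hold, confirm that your copy is the same object the sandbox ran. The following is an added example (not part of the report or of any sandbox tooling) that computes the four digests listed above in a single pass over the data and returns the names of any that disagree with the report. The only assumption is the file path given on the command line; ssdeep is left out because it is not in the Python standard library.

```python
import hashlib
from typing import Dict, Iterable, List

# Digests copied from the General section of this report.
REPORTED_DIGESTS = {
    "md5": "f9da20fcd7253f906ec9f17a5bf42adb",
    "sha1": "4736d05ccb20aeebfc0214032b14a7147124cce4",
    "sha256": "e404cfbc733db2bc15abfc909d5a8b7d27929eb7c208179bfcdd869ff556a1fc",
    "sha512": (
        "e7800ad6f9b9d1f8a125ee49a603335b615710cdb83f08773795bdd1bfc4b671"
        "f999615514c7d919db34505bf9ffa1fc629670620d2b64bef22d477712e9f35a"
    ),
}
ALGORITHMS = tuple(REPORTED_DIGESTS)


def digest_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Hash a byte stream once, feeding every chunk to all four algorithms."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file from disk so large samples are not read into memory at once."""
    with open(path, "rb") as fh:
        return digest_chunks(iter(lambda: fh.read(chunk_size), b""))


def mismatches(actual: Dict[str, str], expected: Dict[str, str]) -> List[str]:
    """Names of algorithms whose digests disagree; an empty list means a full match.

    Comparison is case-insensitive because reports and tools differ on hex case.
    """
    return [
        name for name in expected
        if actual.get(name, "").lower() != expected[name].lower()
    ]


def verify_sample(data: bytes, expected: Dict[str, str] = REPORTED_DIGESTS) -> List[str]:
    """In-memory variant, e.g. for a sample just extracted from a password-protected ZIP."""
    return mismatches(digest_chunks([data]), expected)


if __name__ == "__main__":
    import sys

    # Usage: python verify.py <path-to-sample> (path is the caller's assumption)
    bad = mismatches(digest_file(sys.argv[1]), REPORTED_DIGESTS)
    print("match" if not bad else "MISMATCH on " + ", ".join(bad))
```

A partial mismatch (say MD5 agrees but SHA256 does not) is itself worth noting: it points at a transcription error in the report or a deliberately crafted collision rather than a different file.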
Malware Config
Signatures

System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID 1736, Process AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
PID 1736, Process AcroRd32.exe (3 occurrences)
Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (PID 1736)
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f9da20fcd7253f906ec9f17a5bf42adb.pdf"
Signatures:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
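All three signatures above come from the one AcroRd32.exe process, and the System Language Discovery hit is a single open of the NLS\Language key, something many applications, document readers included, do on normal startup to resolve locale settings. On its own it is weak evidence. The following is an added example (not from the report or the sandbox) that triages registry events of the kind listed in the IoC table: it maps the kernel-style \REGISTRY\MACHINE path and the ControlSet001 alias used in the report onto one canonical form before matching, and downgrades hits from processes expected to read the key. The NLS\Locale entry, the EXPECTED_READERS list, the event field names and every event other than the report's own IoC are assumptions made for the example.

```python
import re
from typing import Dict, List

# Keys associated with system-language discovery. NLS\Language is the one this
# report flags; NLS\Locale is added as an assumption for the example.
LOCALE_KEYS = {
    r"hklm\system\currentcontrolset\control\nls\language",
    r"hklm\system\currentcontrolset\control\nls\locale",
}

# Processes that read these keys as ordinary startup behaviour (assumed list);
# a hit from one of them is downgraded rather than dropped, so it stays visible.
EXPECTED_READERS = {"acrord32.exe", "acrobat.exe", "winword.exe", "excel.exe"}

_HIVE_RE = re.compile(r"^(\\registry\\machine|hkey_local_machine)", re.IGNORECASE)
_CONTROLSET_RE = re.compile(r"\\controlset\d{3}\\", re.IGNORECASE)


def normalize_key(key: str) -> str:
    """Fold the kernel (\\REGISTRY\\MACHINE), Win32 (HKEY_LOCAL_MACHINE) and
    ControlSetNNN spellings of the same key onto one lower-case canonical form."""
    key = _HIVE_RE.sub("hklm", key)
    key = _CONTROLSET_RE.sub(r"\\currentcontrolset\\", key)
    return key.lower()


def triage(events: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """One finding per registry open/query of a locale-discovery key.

    Each event is a dict with pid, process, op and key (field names are assumed).
    """
    findings = []
    for ev in events:
        if ev.get("op") not in ("open", "query"):
            continue
        key = normalize_key(ev["key"])
        if key not in LOCALE_KEYS:
            continue
        findings.append({
            "pid": ev["pid"],
            "process": ev["process"],
            "key": key,
            # Expected readers get "low"; anything else earns a closer look.
            "confidence": "low" if ev["process"].lower() in EXPECTED_READERS else "medium",
        })
    return findings


# Constructed event stream: the first entry is the report's actual IoC,
# the other two are made up to exercise the non-matching and unexpected-process paths.
SAMPLE_EVENTS = [
    {"pid": "1736", "process": "AcroRd32.exe", "op": "open",
     "key": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"},
    {"pid": "1736", "process": "AcroRd32.exe", "op": "open",
     "key": r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0"},
    {"pid": "2044", "process": "updater.exe", "op": "query",
     "key": r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Locale"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```

Normalising before matching matters in practice: the same key appears as ControlSet001 in kernel-level traces, CurrentControlSet in Win32 API logs and HKLM in most detection content, and a rule written against only one spelling silently misses the others.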
Network
MITRE ATT&CK Enterprise v15
Downloads

Filesize: 3KB
MD5: 3c2d856a433fbb6c6fb51e533f2c32ff
SHA1: 23d6b558b930514ba4bf8b6b34829ba7c497e034
SHA256: 40e26ef6552b051bbaa4754b02b4c3273b1e927b77a0e904cb4b787f1cfafcc6
SHA512: ce923c7baee05770574e8a320b65213263652d23fcb2f5632a76c067571b73c29ea378efe942e3d9a9b9ef45d4f53d44a73f30e4b4d4250f094e4c6f388cb1e6