Analysis
- max time kernel: 118s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20241010-en
- resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
- submitted: 11-01-2025 06:46
Behavioral task: behavioral1
- Sample: JaffaCakes118_f9ebf44624ff792a48dc8a89ecc179ef.pdf
- Resource: win7-20241010-en
Behavioral task: behavioral2
- Sample: JaffaCakes118_f9ebf44624ff792a48dc8a89ecc179ef.pdf
- Resource: win10v2004-20241007-en
General
- Target: JaffaCakes118_f9ebf44624ff792a48dc8a89ecc179ef.pdf
- Size: 73KB
- MD5: f9ebf44624ff792a48dc8a89ecc179ef
- SHA1: acd9fb1e12b74697ff769d8574632660c5fe4694
- SHA256: 3a4f504155c33a68b9e203eca8446f29a269f59b1924da33717e39dc7d81b0fe
- SHA512: 8319bbb8b764d3bcaaa56c77d67cc53696a37f2188dfa4d7e74419c6e203430340dc90777c0d7d86fd81d8ca3ebdc9703562b5d15e2878852977c2fdbb8cd1e9
- SSDEEP: 1536:Ocmp/+l4FQ4w8s58OllV1jOW6pOu27ImI4WlLXI02p:NS/iGQ4dROllb3u28rBIn
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  Description | IoC | Process
  Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID | Process
  1572 | AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID | Process
  1572 | AcroRd32.exe
  1572 | AcroRd32.exe
  1572 | AcroRd32.exe
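All three signatures above fire on the single AcroRd32.exe process (PID 1572), and the first corresponds to MITRE ATT&CK sub-technique T1614.001 (System Language Discovery). Reading the NLS\Language key is routine for any localized application, so on its own the IoC is low signal; what a practitioner wants to know is whether the process that read it is one that is expected to. The following Python is an added example, not part of the sandbox report and not any vendor's detection code. It parses constructed log lines written in the report's "Key opened <key> <process>" shape (the first line mirrors the report's IoC, the rest are invented to exercise the check), flags every access to the NLS\Language key, and grades each finding against a baseline of processes assumed to read locale data during normal startup. The baseline set, the record format and all function names are assumptions for illustration.

```python
"""Added example: detection check for the "System Language Discovery"
signature (MITRE ATT&CK T1614.001) reported above.

Runs offline over constructed log lines in the report's IoC shape
("Key opened <registry key> <process>"). Not code from the sandbox vendor.
"""
import re
from dataclasses import dataclass

# Constructed sample records (not from the original analysis). The first line
# mirrors the report's IoC; the others are invented to exercise the check.
SAMPLE_EVENTS = r"""
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language AcroRd32.exe
Key opened \REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0 AcroRd32.exe
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language powershell.exe
Key opened \REGISTRY\USER\S-1-5-21-1\Software\Classes cmd.exe
"""

# One sandbox-style record: operation, key path, image name. The key path may
# contain spaces, so it is matched non-greedily up to the trailing image name.
EVENT_RE = re.compile(
    r"^(?P<op>Key (?:opened|created|set|deleted))\s+(?P<key>\\.*?)\s+(?P<proc>\S+\.exe)$",
    re.IGNORECASE,
)
# The key the signature is built on; the ControlSet number may vary between hosts.
NLS_LANGUAGE_RE = re.compile(r"\\Control\\NLS\\Language$", re.IGNORECASE)

# Assumption: processes that read locale data during normal startup. Tune per estate.
LOCALE_BASELINE = {"acrord32.exe", "explorer.exe", "winword.exe"}


@dataclass(frozen=True)
class Finding:
    process: str
    key: str
    technique: str  # ATT&CK sub-technique ID
    severity: str   # "informational" or "suspicious"


def parse_events(text):
    """Return (op, key, process) tuples; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line.strip())
        if m:
            events.append((m["op"], m["key"], m["proc"]))
    return events


def detect_language_discovery(events, baseline=LOCALE_BASELINE):
    """Flag every open of the Control\\NLS\\Language key and grade it by whether
    the reading process is one expected to touch locale data."""
    findings = []
    for _op, key, proc in events:
        if not NLS_LANGUAGE_RE.search(key):
            continue
        severity = "informational" if proc.lower() in baseline else "suspicious"
        findings.append(Finding(proc, key, "T1614.001", severity))
    return findings


def worst_severity_by_process(findings):
    """Collapse findings to one verdict per process, keeping the worse grade."""
    rank = {"informational": 0, "suspicious": 1}
    verdict = {}
    for f in findings:
        if f.process not in verdict or rank[f.severity] > rank[verdict[f.process]]:
            verdict[f.process] = f.severity
    return verdict


if __name__ == "__main__":
    for f in detect_language_discovery(parse_events(SAMPLE_EVENTS)):
        print(f"{f.severity:13} {f.technique} {f.process} -> {f.key}")
```

With the constructed input, the AcroRd32.exe read is graded informational because a PDF reader is in the assumed baseline, while the same key read by powershell.exe is graded suspicious. That is the distinction the raw sandbox signature does not make, and it is why this IoC should be weighed together with the process context rather than on its own.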
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f9ebf44624ff792a48dc8a89ecc179ef.pdf"
  PID: 1572
  Signatures:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
- MD5: d5fd2e54ab1485259aeb14e3827469e2
- SHA1: 5e788d4beb0b5c62c881ff2caa0688505430bc61
- SHA256: 45092e9ff34cd9d76d013e944746c2e7aac9f3866a63a4f678c2040e668b23cb
- SHA512: e84550fa284b4505643612a52d2981327780a1adb87843bc1c0797b250eb9c38830ba9febf356c7ad8c1fda77f7391be43b492a4cdaa5138297971eeb1754d06