Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 11-01-2025 06:45
Behavioral task: behavioral1
Sample: JaffaCakes118_f9e19e4ba4d33e975c84d32cee8105cb.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: JaffaCakes118_f9e19e4ba4d33e975c84d32cee8105cb.pdf
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_f9e19e4ba4d33e975c84d32cee8105cb.pdf
Size: 70KB
MD5: f9e19e4ba4d33e975c84d32cee8105cb
SHA1: f47262d993e8fb5555854feb3026d1391d85369a
SHA256: be46051fcd2c229d195b2df4fa04035b48c736a1bf7f04a1145d03f131b5e261
SHA512: dd3368be4426bfb4370789ae5410acad0f3b08fef9e5bc11ece1a12001f857677c61f7feace1619b048a504b776a78faab78ed967b23316355ad660679fc5e49
SSDEEP: 1536:0K0jlBSsfX/+7GTFGefzglpM5Vs0RMwNB4PeawV99JfW6pOu26WqfIhsv789:v0jlffX/+7GTFiOuwNSeawVh0u24Ihsi
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of the victim in order to infer the geographical location of that host.
Key opened: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language (process: AcroRd32.exe)
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID 2292, AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID 2292, AcroRd32.exe (three hits, all from the same process)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f9e19e4ba4d33e975c84d32cee8105cb.pdf"
PID: 2292
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
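Every signature hit in the Signatures section is attributed to AcroRd32.exe itself, and the Processes section shows it as the only process in the tree. A document viewer reading the NLS\Language key, installing window hooks and polling the foreground window during startup is its own routine behaviour, so on their own these three hits say little about the document; what a reviewer actually wants to know is whether the viewer spawned anything or tripped a signature outside that baseline. The helper below is an added example written for this page, not part of the report or of any sandbox tooling. It assumes a small baseline of viewer images and signatures (the VIEWER_IMAGES and VIEWER_BASELINE sets are this example's own assumption), replays the report's process tree and hits as run 1, and contrasts it with a constructed run 2 in which the reader spawns a shell chain.

```python
"""Added triage helper for document-viewer sandbox runs (not part of this report or of Triage)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: int      # 0 marks the root the sandbox launched (the report shows no parent for PID 2292)
    image: str
    cmdline: str


@dataclass(frozen=True)
class Hit:
    signature: str
    pid: int       # the process the sandbox attributed the signature to


# Assumption of this example: these viewer binaries open the NLS\Language key, install window
# hooks and poll the foreground window as part of normal startup, so those three signatures are
# expected when attributed to them and unexplained when attributed to anything else.
VIEWER_IMAGES = {"acrord32.exe", "acrobat.exe"}
VIEWER_BASELINE = {
    "System Location Discovery: System Language Discovery",
    "Suspicious behavior: GetForegroundWindowSpam",
    "Suspicious use of SetWindowsHookEx",
}


def image_name(path):
    """Basename of an image path, lower-cased, for comparison against VIEWER_IMAGES."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def descendants(procs, pid):
    """Every process below pid in the tree, at any depth, in parent-before-child order."""
    by_parent = {}
    for p in procs:
        by_parent.setdefault(p.ppid, []).append(p)
    found, stack = [], [pid]
    while stack:
        for child in by_parent.get(stack.pop(), []):
            found.append(child)
            stack.append(child.pid)
    return found


def triage(procs, hits):
    """Separate what the viewer does on its own from what the document made it do.

    notable is True when the viewer spawned any process, when a hit is attributed to a
    process that is not the viewer, or when the viewer tripped a signature outside its baseline.
    """
    by_pid = {p.pid: p for p in procs}
    spawned = []
    for root in (p for p in procs if p.ppid == 0):
        if image_name(root.image) in VIEWER_IMAGES:
            spawned.extend(descendants(procs, root.pid))
    unexplained = []
    for h in hits:
        owner = by_pid.get(h.pid)
        owner_is_viewer = owner is not None and image_name(owner.image) in VIEWER_IMAGES
        if not (owner_is_viewer and h.signature in VIEWER_BASELINE):
            unexplained.append((h.signature, h.pid))
    return {
        "spawned": [image_name(p.image) for p in spawned],
        "unexplained": unexplained,
        "notable": bool(spawned or unexplained),
    }


# Run 1: the process tree and signature hits exactly as this report lists them.
REPORT_PROCS = [
    Proc(2292, 0, r"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe",
         r'"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" '
         r'"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f9e19e4ba4d33e975c84d32cee8105cb.pdf"'),
]
REPORT_HITS = [
    Hit("System Location Discovery: System Language Discovery", 2292),
    Hit("Suspicious behavior: GetForegroundWindowSpam", 2292),
    Hit("Suspicious use of SetWindowsHookEx", 2292),
]

# Run 2: constructed for contrast, not from this report: the reader spawns a shell chain,
# a baseline hit lands on a non-viewer process, and the viewer trips a non-baseline signature.
CONSTRUCTED_PROCS = REPORT_PROCS + [
    Proc(3100, 2292, r"C:\Windows\System32\cmd.exe", "cmd.exe /c start powershell"),
    Proc(3150, 3100, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
         "powershell.exe -nop -w hidden"),
]
CONSTRUCTED_HITS = REPORT_HITS + [
    Hit("Suspicious use of SetWindowsHookEx", 3100),
    Hit("Executes dropped EXE", 2292),
]

if __name__ == "__main__":
    print("report run:     ", triage(REPORT_PROCS, REPORT_HITS))
    print("constructed run:", triage(CONSTRUCTED_PROCS, CONSTRUCTED_HITS))
```

For the report's own data the result is notable=False with nothing spawned and nothing unexplained. Read that narrowly: it means the run recorded nothing beyond the viewer's baseline, not that the document is harmless. A PDF that targets a reader version the image did not have, or that waits for user interaction, produces exactly this picture, which is why the second behavioral task on a different image and the 3KB artifact under Downloads deserve a look before closing the case.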
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: b972aa58683bac5fccef6da1a12f5f50
SHA1: 3135d0f30ef5f3b2d36f94798442eee713d8559e
SHA256: 2085c656f53c847da44e4929dda034cc5a0506ecc7992756ade1632ff5fec6d5
SHA512: 041afb07db1ffa0c9ae7f841c1e994f34cd0bd1541ac98a5fb8c922836da645eb11df72b19fed7a0f77cd183ab0bf1d91c9dabeb996bd41b93dd93ddcdd8103f
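The digests listed under General for the submitted PDF and the ones listed above for the 3KB download artifact are what a reviewer should check a local copy against before treating it as the file this run executed; a copy that matches MD5 but not SHA256 is a different file or a tampered listing. The script below is an added example, not part of the report or of any sandbox tooling. It uses only Python's standard hashlib, streams a file once through all four hashers, and classifies the result as a full, partial or no match against the report's values. The label download-3KB is a placeholder chosen here because the report gives that artifact no filename; SSDEEP is omitted because computing it needs a third-party library.

```python
"""Added example: check a local file against the digests a sandbox report lists."""
import hashlib
import sys

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Digests copied from this report. "download-3KB" is a placeholder label for the unnamed artifact.
REPORTED = {
    "JaffaCakes118_f9e19e4ba4d33e975c84d32cee8105cb.pdf": {
        "md5": "f9e19e4ba4d33e975c84d32cee8105cb",
        "sha1": "f47262d993e8fb5555854feb3026d1391d85369a",
        "sha256": "be46051fcd2c229d195b2df4fa04035b48c736a1bf7f04a1145d03f131b5e261",
        "sha512": "dd3368be4426bfb4370789ae5410acad0f3b08fef9e5bc11ece1a12001f857677c61f7feace1619b"
                  "048a504b776a78faab78ed967b23316355ad660679fc5e49",
    },
    "download-3KB": {
        "md5": "b972aa58683bac5fccef6da1a12f5f50",
        "sha1": "3135d0f30ef5f3b2d36f94798442eee713d8559e",
        "sha256": "2085c656f53c847da44e4929dda034cc5a0506ecc7992756ade1632ff5fec6d5",
        "sha512": "041afb07db1ffa0c9ae7f841c1e994f34cd0bd1541ac98a5fb8c922836da645eb11df72b19fed7a0"
                  "f77cd183ab0bf1d91c9dabeb996bd41b93dd93ddcdd8103f",
    },
}


def digest_bytes(data):
    """Hex digests of an in-memory buffer for every algorithm in ALGORITHMS."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def digest_file(path, chunk_size=1 << 20):
    """Read the file once, feeding each chunk to all hashers, so large samples stay off the heap."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(actual, expected):
    """Per-algorithm match table plus an overall verdict; report values are normalised to lower-case hex."""
    result = {name: actual[name] == expected[name].strip().lower() for name in ALGORITHMS}
    result["match"] = all(result[name] for name in ALGORITHMS)
    return result


def identify(actual):
    """Return (label, kind) where kind is "full", "partial" (some but not all digests agree) or "none"."""
    for label, expected in REPORTED.items():
        verdict = compare(actual, expected)
        if verdict["match"]:
            return label, "full"
        if any(verdict[name] for name in ALGORITHMS):
            return label, "partial"
    return None, "none"


if __name__ == "__main__":
    for path in sys.argv[1:]:
        label, kind = identify(digest_file(path))
        print(f"{path}: {kind} match" + (f" with {label}" if label else ""))
```

Run it as `python check_digests.py sample.pdf artifact.bin`; a "partial" result should stop the analysis until the discrepancy is explained, since one agreeing digest is not evidence that the other three were computed over the same bytes.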