Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 11-01-2025 06:48
Behavioral task: behavioral1
Sample: JaffaCakes118_f9f815251e957dfba454d1b50bbc471f.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: JaffaCakes118_f9f815251e957dfba454d1b50bbc471f.pdf
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_f9f815251e957dfba454d1b50bbc471f.pdf
Size: 80KB
MD5: f9f815251e957dfba454d1b50bbc471f
SHA1: cae60f954625bccb6893c5ddd5c31eb5237f8345
SHA256: d08cfcf737a250c16ca2d982273f323850f7a4a8712a25504117207042ccb0a7
SHA512: 6024d3208611ff82ad551ae7f4ab7d6d80ad014db6acb9f520a272974d67b02a8718455b7dcb666c99e748b0d5d696179fcb9892f48e66862772973a6a27d148
SSDEEP: 1536:xyszP5R79liWZUJ16A+0RhW0C5C5yIjmo7yrnnbkWOpOwrKW0iQNFcfrNs9VFN:DfODk90mzeyIjmomn9wrBQ/qmzP
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2468 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2468 | Process: AcroRd32.exe (3 occurrences, all in the same process)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (PID 2468)
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f9f815251e957dfba454d1b50bbc471f.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 0ebb42e5486167a75a3c366abfb923ba
SHA1: 940f436b18fb91b3d29799f6479be773abb3a2ae
SHA256: f0a6ac6998a3378da0d5fc654fe6002c4841912f159c15e2af38d4e22a08881a
SHA512: e869d78917f477758a0f0505e1d2b1e29f8fa3600933e43a6faae35dae13937316ae212342f2f4e5cdc1e2ab22628a7bbff11977f5ba331d84bba1bdce14eb0b