Analysis
max time kernel: 122s
max time network: 127s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 11-01-2025 06:49
Behavioral task: behavioral1
  Sample: JaffaCakes118_f9fb4f5ca4ef85198dd070241408b21a.pdf
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: JaffaCakes118_f9fb4f5ca4ef85198dd070241408b21a.pdf
  Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_f9fb4f5ca4ef85198dd070241408b21a.pdf
Size: 83KB
MD5: f9fb4f5ca4ef85198dd070241408b21a
SHA1: d2e64d10a89542886bb8d313a73f1fa5a82205ab
SHA256: df908e55a68a17824dec82d2977743a4e01b0932b7d85690dd96266fcd243dd3
SHA512: be4419d5f3c64862d96dd9f0f3d5394e157be3e47e2cb79faa32f4c59902c4236efd0d21be8f503ab36af776becaadc9d799ce7f01756ad9a20bf8938cdf3578
SSDEEP: 1536:drr42/5HL6kIdfbAzCVoLdIZ3HYW8pOGEWvTNO4hcIBR3JHH:942RHLBgzAzCGBqzGkxIBR3t
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2044  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  2044  AcroRd32.exe
  2044  AcroRd32.exe
  2044  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_f9fb4f5ca4ef85198dd070241408b21a.pdf"
  PID: 2044
  Signatures:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 72f2743deace8eaa889e0f9ae879f444
SHA1: 8ae8a0cd57c506f6bb1cdd4fabdcf63acd994a30
SHA256: a0f1867b4b8745cd147a01af2ed2d4ba3174670cdf6ab9397d786d9ab4112a52
SHA512: 919b6f502ce8c356ae12bc98a0341eff74759e742f39c5ec8b0b77d2cc575aec46b8a244c93481f61118fb596f313306c52ca730a1d1be1140a40939754cf05f