Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
11-01-2025 06:51
General
-
Target
JaffaCakes118_fa08aba78ac812797df5d9afb12b58c4.pdf
-
Size
85KB
-
MD5
fa08aba78ac812797df5d9afb12b58c4
-
SHA1
e4f699564db5c58ac4661c660008028ee007d778
-
SHA256
c4d7c1cfc73028d36565e232bafe92a0cef6404a1f0d0fd997443bc699aa4cdf
-
SHA512
cb522923f5183102f855e30fe37f4db6646128249a076b6d811221f0d16cf6a765ac256adfcbc9027011c7d9e68e376e517450610b7f79cfde85342bbcadb685
-
SSDEEP
1536:GF9OWJiEM7U7+t1jy5X0uJiY7rcECWG6STDw6SaIWqWU6KAlCXWApO6SL3ex:YiEM7U7gZq0+iY7rVPGZTDw7aaZzW6SQ
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_fa08aba78ac812797df5d9afb12b58c4.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50c82ba8173f395e4dfc68acc853757ba
SHA1d73c95bd393f8b971307ccfc11f07aefb305aace
SHA256dd9136dcede5917988cd6ee123ffe8ff1b9e4ca2bd516c987977cdac12aa9a09
SHA512645964b43d642c2cbcfdfb6a88330638086bb9e8408b57bcb2bd0f76f8d6d2f25a1a6da415fcb1110deb7389ff68752eb4dfd34a4931f8814f3159156a037389