Analysis
-
max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
15/03/2025, 21:26
Behavioral task
behavioral1
Sample
JaffaCakes118_77f8b202c23021e7fc63ab2c8ea88bdc.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_77f8b202c23021e7fc63ab2c8ea88bdc.pdf
Resource
win10v2004-20250314-en
General
-
Target
JaffaCakes118_77f8b202c23021e7fc63ab2c8ea88bdc.pdf
-
Size
6KB
-
MD5
77f8b202c23021e7fc63ab2c8ea88bdc
-
SHA1
5aa39a74bcfb86a2bccf0ad9048197dd2174ceb4
-
SHA256
68366fdf229e78fdb1298ebd40456cc2f0f6fa41683d8a29a00b2e0cd1ba21e7
-
SHA512
02d9a8716814a7ace891c2b29ffdbc2b78d814c6e48835fb30def4bdf9e9403b52d10bbd13eb9fcf2eb3f5e16dba1f235c835b81194a97def80b92b250cc95bb
-
SSDEEP
192:zrzuDN+ld4iXlpdUI3xSywlz9dXKGl0zF02IMbwYDD9fDanjSLJer:3zuRwWu/6IUyGzn5IHjxMuLJer
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of the victim host in order to infer its geographical location.
Description    IoC                                                          Process
Key opened     \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language  AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID   Process
2736  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
PID   Process
2736  AcroRd32.exe
2736  AcroRd32.exe
2736  AcroRd32.exe
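The three signatures above are all attributed to the Adobe Reader process itself (PID 2736), which is the only process the report lists, so they describe what AcroRd32.exe does while opening the document rather than a spawned payload. As an added example, not part of the sandbox report and not the sandbox's own detection code, the script below re-derives those signatures from a constructed stream of sandbox-style events. The event format, the per-signature thresholds, the hook-type names in the sample data and the ATT&CK sub-technique mapping (T1614.001 for System Language Discovery) are assumptions made here; the registry key path is the IoC from the report, generalised to any ControlSet.

```python
"""Added example (not from the sandbox report): re-derive the report's three
signatures from a constructed stream of sandbox-style events.

Assumptions (made for this example): the tab-separated event format,
the per-signature thresholds, and the ATT&CK ID T1614.001 for
"System Language Discovery".
"""
import re
from collections import Counter, defaultdict

# The registry path listed as the IoC in the report, generalised to any
# ControlSet (CurrentControlSet is a link to ControlSet00N on a live host).
NLS_LANGUAGE_KEY = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(ControlSet\d{3}|CurrentControlSet)"
    r"\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

# Thresholds are assumptions chosen to mirror the counts in the report.
HOOK_MIN_CALLS = 3          # the report fired "SetWindowsHookEx" on 3 IoCs
FOREGROUND_SPAM_MIN = 20    # repeated polling of the foreground window

LANG_SIG = "System Location Discovery: System Language Discovery (T1614.001)"
HOOK_SIG = "Suspicious use of SetWindowsHookEx"
FG_SIG = "Suspicious behavior: GetForegroundWindowSpam"


def parse_event(line):
    """Parse one 'pid<TAB>process<TAB>event<TAB>argument' record."""
    pid, process, event, arg = line.rstrip("\n").split("\t", 3)
    return {"pid": int(pid), "process": process, "event": event, "arg": arg}


def evaluate(lines):
    """Return {signature_name: [ioc, ...]} for the events in `lines`."""
    hooks = defaultdict(list)   # (pid, process) -> hook arguments seen
    foreground = Counter()      # (pid, process) -> GetForegroundWindow calls
    results = defaultdict(list)

    for ev in map(parse_event, lines):
        key = (ev["pid"], ev["process"])
        if ev["event"] == "RegOpenKey" and NLS_LANGUAGE_KEY.match(ev["arg"]):
            results[LANG_SIG].append(
                {"description": "Key opened", "ioc": ev["arg"], "process": ev["process"]}
            )
        elif ev["event"] == "SetWindowsHookEx":
            hooks[key].append(ev["arg"])
        elif ev["event"] == "GetForegroundWindow":
            foreground[key] += 1

    # One IoC row per hook call once a process crosses the threshold,
    # matching the report's three identical "2736 AcroRd32.exe" rows.
    for (pid, process), args in hooks.items():
        if len(args) >= HOOK_MIN_CALLS:
            results[HOOK_SIG].extend(
                {"pid": pid, "process": process, "hook": a} for a in args
            )
    for (pid, process), n in foreground.items():
        if n >= FOREGROUND_SPAM_MIN:
            results[FG_SIG].append({"pid": pid, "process": process, "calls": n})
    return dict(results)


# Constructed sample events (not captured from the sandbox run); the hook
# type names are illustrative, the report does not state which were used.
SAMPLE_EVENTS = [
    "2736\tAcroRd32.exe\tRegOpenKey\t\\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language",
    "2736\tAcroRd32.exe\tRegOpenKey\t\\REGISTRY\\MACHINE\\SOFTWARE\\Adobe\\Acrobat Reader\\9.0",
    "2736\tAcroRd32.exe\tSetWindowsHookEx\tWH_KEYBOARD",
    "2736\tAcroRd32.exe\tSetWindowsHookEx\tWH_MOUSE",
    "2736\tAcroRd32.exe\tSetWindowsHookEx\tWH_GETMESSAGE",
    "1200\texplorer.exe\tSetWindowsHookEx\tWH_SHELL",   # below threshold, not reported
] + ["2736\tAcroRd32.exe\tGetForegroundWindow\t-"] * 25


if __name__ == "__main__":
    for name, iocs in evaluate(SAMPLE_EVENTS).items():
        print(f"{name} ({len(iocs)} IoCs)")
        for ioc in iocs:
            print("   ", ioc)
```

Run it as a script to print the three signatures with their IoC rows. The NLS\Language key read is a single event, which is why it is a deterministic indicator; the hook and foreground-window signatures are count-based, so the thresholds decide how noisy they are against ordinary GUI applications such as the reader itself.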
Processes
-
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_77f8b202c23021e7fc63ab2c8ea88bdc.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2736
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
344e6888f2186f4b5f42d99a52d16a28
SHA1
a750bd794297b048d885ac47e815a3a1b7851ed3
SHA256
cd263b69657b008a6b79335ddb8bce7fa7e281a93f3f0cb751c69cd7c4d139bf
SHA512
eed348a87c1777bac7ad208123726dffbaa4f789ba1e56aa7b5f454a3bda2882b1a4b79becaf3c2911eedbb758afc784df351f961e0930cd740986901777ee45