Analysis
max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
21/03/2025, 11:26
Behavioral task: behavioral1
Sample
JaffaCakes118_8305eb2ee0aacecec30f8f58380ad7f8.pdf
Resource
win7-20240903-en
Behavioral task: behavioral2
Sample
JaffaCakes118_8305eb2ee0aacecec30f8f58380ad7f8.pdf
Resource
win10v2004-20250314-en
General
Target
JaffaCakes118_8305eb2ee0aacecec30f8f58380ad7f8.pdf
Size
9KB
MD5
8305eb2ee0aacecec30f8f58380ad7f8
SHA1
831900a0d91aa01ebbc4e7bc7d759488f5ba1a8b
SHA256
39e77e9ce292a4f5ea30935ec5f01e88bcb9d5830b488005af4f8e8668f54598
SHA512
edf786973692cc69953dc9d273e1519957869401c016b9c93007a91698250ffa03aa0ce73f9f1106ed13146a4375519fe3e63769d1eadf6277ad0da693047a85
SSDEEP
192:PPz4ULMxLIKXHszsAIgi+bI+karKjkPa/1y6e4jmw7blxAGe8yigxw6SHfdAZDyD:PPz4ULMxLIKXHsAAIB+b4arekqo6e4jj
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2364
Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid: 2364
Process: AcroRd32.exe (4 entries, all from the same process)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_8305eb2ee0aacecec30f8f58380ad7f8.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2364
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize
3KB
MD5
48c56a31ba01519585a1013e7ccb94e7
SHA1
d5d1fe1f1274ea7bded9148d4d3d754ad1eaeaf5
SHA256
e2b86e93cd0565bd97e9240af8b532639ffa44f7ddfbef5bfcabe1f06088840b
SHA512
a22bad377e81a29b82748bf6c8c3e66045410b630b8ae2124e2254718de56689e62659404723aac70b4f92eb32cb3b8b3e31a4ba4fb64b6bad78404712f199de