Analysis
Max time kernel: 91s
Max time network: 17s
Platform: windows7_x64
Resource: win7-20240729-en
Resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
Submitted: 22/03/2025, 13:15
Behavioral task: behavioral1
Sample: JaffaCakes118_8643cd90aecd0b4073aed2da90a200e9.pdf
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: JaffaCakes118_8643cd90aecd0b4073aed2da90a200e9.pdf
Resource: win10v2004-20250314-en
General
Target: JaffaCakes118_8643cd90aecd0b4073aed2da90a200e9.pdf
Size: 12KB
MD5: 8643cd90aecd0b4073aed2da90a200e9
SHA1: 0802868e224d3df189ec8e7c45f3e7707a8676b4
SHA256: 272d6abb89106cad02df12c7484bfa3037f3ff0fe520bc1de608ceb6e725edc0
SHA512: c1561ffc3f5844c2f623cb741e403fd1faf2cfa49895c2bcfe9a980bab41b3cdaf2eace2a7737bb8e6b4ee8a95efea6f3d9308ebaa5464010e78485e85f1fae4
SSDEEP: 384:iPz4ULMxLIKXHwPSsO8OEWPMPWXJm35QH2QHsRpDXzNohyR5qkQz:ib/uZXkW/SWX8QWrNohmi
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened; IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
PID: 2376; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
PID: 2376; Process: AcroRd32.exe (4 occurrences)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_8643cd90aecd0b4073aed2da90a200e9.pdf"
PID: 2376
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 197eb327f43cd3ffb5f9d2585ea9a150
SHA1: 1eb6bbad8c863e3fa6207bc8f0642f5b23401fc5
SHA256: aad2c22d04f1e5acd88cfacd171fb6e8a20a42a615ef5a36f4436f0020b76611
SHA512: 1a6b4fe5111a32f558edbf967734cddadf3188c37da207a83fe6a2b63313d7c26cc165acc92e67ea92191239dfc0cbf4209b106a64dfd806799ba39e8c043bea