Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-07-2024 17:12

General

  • Target

    687a6d36e6c4a0fc92b0335c0a29b939_JaffaCakes118.pdf

  • Size

    110KB

  • MD5

    687a6d36e6c4a0fc92b0335c0a29b939

  • SHA1

    401583aaf38728b6e4f8c93c80a96c2200abc008

  • SHA256

    40b924ecb9e2b0a4b413a5f2553f75fc9b7f38cff4891d9a14078c7a498533a8

  • SHA512

    36eb27dc18685d74327d55ea54b6034ecfe632df616ddd58b97dbca37dd29f3f8ee0f9b7c3ba78987cb207552b17269919e2f93b45811a8db569708de31576cd

  • SSDEEP

    768:D+/WZSVsV1YPveYmYGbLB/vbQNK775BoQ4mijVJipEhiD6T+bIxp0sO9PGVigGZw:A

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\687a6d36e6c4a0fc92b0335c0a29b939_JaffaCakes118.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2960

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2960-0-0x0000000002A70000-0x0000000002AE6000-memory.dmp

    Filesize

    472KB

  • memory/2960-3-0x0000000000E80000-0x0000000000E81000-memory.dmp

    Filesize

    4KB