Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240705-en locale:en-us os:windows7-x64 system
  • submitted
    24-07-2024 03:17

General

  • Target

    6a0ced281eb79e48ecf3bf6ca6de53db_JaffaCakes118.pdf

  • Size

    73KB

  • MD5

    6a0ced281eb79e48ecf3bf6ca6de53db

  • SHA1

    52abdff1459359387a47f8f74618c088625b22bd

  • SHA256

    6a58c6eb245f98effb0c275c437e53852185499e41cd275d767a1b4e962165a0

  • SHA512

    491007dd211df0c85cdf006014bca49e64347285667c0f10efd8dad01fdd96d112e5cee5f81e7db48a3f1c651624917b2181ac095aec7ff048ce9f1c7ab4ba43

  • SSDEEP

    96:WEDsNyfV0aWJ5vFB+OFnVQUPpT5GXClzwYOWh5uslbzWgnR3rW/82mi94XBaILRS:WysN0AFyapTNlEYOaWgJSHYIAM9NP4F+

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx (3 IoCs)

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6a0ced281eb79e48ecf3bf6ca6de53db_JaffaCakes118.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2688

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2688-0-0x00000000035F0000-0x0000000003666000-memory.dmp

    Filesize

    472KB

  • memory/2688-3-0x00000000025F0000-0x00000000025F1000-memory.dmp

    Filesize

    4KB