Analysis Overview
SHA256
11fda4c8a664408e930e07d16cb4a043b5f54a489c12a356a310a074b1222901
Threat Level: Known bad
The file 03.11.2024.SİPARİŞ.LİSTESİ.1.PDF.jar was found to be: Known bad.
Malicious Activity Summary
Class file contains resources related to AdWind
Adwind family
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-07 19:07
Signatures
Adwind family
Class file contains resources related to AdWind
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-07 19:07
Reported
2024-11-07 19:09
Platform
win7-20241010-en
Max time kernel
121s
Max time network
126s
Command Line
Signatures
Processes
C:\Windows\system32\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\03.11.2024.SİPARİŞ.LİSTESİ.1.PDF.jar
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-07 19:07
Reported
2024-11-07 19:09
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
149s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\03.11.2024.SİPARİŞ.LİSTESİ.1.PDF.jar
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | udp |