Analysis
-
max time kernel
91s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
27/07/2024, 05:21
General
-
Target
97c800c429f33abcd0f3febee25178e0N.pdf
-
Size
190KB
-
MD5
97c800c429f33abcd0f3febee25178e0
-
SHA1
11ca977caf313a607b2e9fcd9c603908b603f1d3
-
SHA256
7d625b9831cd288857c072cee38b64c44865b2af71e43e60d623460c9b83e340
-
SHA512
bf8ec6128a98d97463a8fc73022741d8df7832bb0a782e68a5d660a4550d39b350b9d98884e48d3a08006ca75da9efd08ef01a8ee8eba488160c8622d816ad9a
-
SSDEEP
3072:Rknu3a3nozBBNTOHcTWzkhSA2lZYvmW+XwPjp0AEyNOwjP054koOGjd7TPR30:Rkn93ozBfOHcCzASAb+APjJ82u
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\97c800c429f33abcd0f3febee25178e0N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5201645bdba8263e65ae96232b6340692
SHA147cc9b47ef6f8f191dfff92688d1e7ecadf83724
SHA2561097ea6afbfd83e2fa741c739625ce7733e6808629572584b20e98dba5b7d401
SHA512e03740448337adbf9c97efe851cf2c33435e3a6044d85f6a878f4d0c29482de91bcb4f6dbeb894dceb4f9386c9d7507e8a50ccc8ff03f44f6f39a8751771b0f6