Analysis
max time kernel: 91s
max time network: 18s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 27/07/2024, 11:45
Behavioral task: behavioral1
Sample: bf681d6c43c6ebc6c4b424838b65ade0N.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: bf681d6c43c6ebc6c4b424838b65ade0N.pdf
Resource: win10v2004-20240709-en
General
Target: bf681d6c43c6ebc6c4b424838b65ade0N.pdf
Size: 275KB
MD5: bf681d6c43c6ebc6c4b424838b65ade0
SHA1: fe2c17aafb05740b22d182dbc9309bb403a89632
SHA256: 786f5cf635541255961a0d99fafaed3d832c959a1ba14f65d79ef43a7fb8849a
SHA512: f630a7b3ee315f6800a1f0a7ceea5d380d9d9372bab07e451c98c1c8a7882e7c1633206308dcf420040d2ccb72275cf1cbad9ec53b6b980d04df4e11d5215d4a
SSDEEP: 6144:o84r+JIO02nzMylSYw7bVc/Rx00U0l+0GfYc9p8SbYQ5gTus5yRrddzz4vCQ:oTWIenflvqbVc/RFlTy9ptbYLus5+r3q
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2368 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid: 2368 | Process: AcroRd32.exe (4 entries, all pid 2368)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bf681d6c43c6ebc6c4b424838b65ade0N.pdf"
PID: 2368
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 7cac4f22c6cb992eb5dcbe6903dac196
SHA1: db25c60e2b6612e93aa9a58a240609155513df2b
SHA256: ebb059d312c2408aac75b5be68ebcb78e2468779bb8f2b3c0bf1168ce0b8505f
SHA512: 86f25a98f2dc4c5eef1d58e07024a0f99f006e190c492437c8c1a3cb3fc5fbdfa9b607f7435151ad1c62b07e5eb3679a719570875dfef891c8f60227393430ae