Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
02-08-2024 21:41
General
-
Target
0811534a295cf1d1f881669ba9996290N.pdf
-
Size
313KB
-
MD5
0811534a295cf1d1f881669ba9996290
-
SHA1
477797533cd42cbe7080fff5a45ac7c828745d86
-
SHA256
18a8cebf95b0d77a2862d173eaa52ec72648d0eda2a25339cef475f91bcf5560
-
SHA512
db903dd6450b052bfea40880131cdd7469461bae4e3f59f7c5dcf4eccc25f644e067a6430f81b6a858dc025c148dc8e4e3c8ecff2d1884fc0ed1fd3bf0319990
-
SSDEEP
3072:s0joBg4sbtyT6EVb3M3TNw05DCemoCaOGTqp4PzRTY1TiU3o3DNIg3N+JuWrQef:qg4sbq3R3M35fJd5G+bRiOUEt3N+JDxf
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0811534a295cf1d1f881669ba9996290N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD58749ac37bca756889a3f4651b8842694
SHA129b1f275f76388d6001f175d88f992cf24a56d1f
SHA2560153ae99a16eba75f3d3908518889e4ca26306ba146c969c50d192f8cf41c53a
SHA512d4460e04be56a9bcc0e4aa4a1956c8aed8cfce16177065d58808d31902c46d3926965368d4c1f4b502ad7a318d19f7eef70c9a941c7b65d138ae5dbaf3ca6110