Analysis

  • max time kernel
    95s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/08/2024, 15:20

General

  • Target

    a613983508d9b00762afc3da81b872e0N.pdf

  • Size

    3.0MB

  • MD5

    a613983508d9b00762afc3da81b872e0

  • SHA1

    5fd8ed533bf2eb5975940779209a3c5d317e85c1

  • SHA256

    0b7220e6faa010fa7f59a7d234cf80c70bb93f023e636ff9f6d692c637ba606a

  • SHA512

    09517638379e1ad69fce974a51996b3845c711c1e620a97268d49a74493ccf8249ac48de1c54bda807d4020f50af7e3562aac34643e5e5b6014f1b6ae29401b5

  • SSDEEP

    24576:xyosxMD9H4ay20c+0BFPVsheVIcHOYYRqrmt8p3BLV5oTlFV+e:IoKYH+kshCVXIYwan5St

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a613983508d9b00762afc3da81b872e0N.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2364

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3befea1653eab29feb41ea1e2e0622dd

    SHA1

    ef2b271529132cc501252f4e3fb90deed5b8f186

    SHA256

    e352f2d4a212cb0e7a760fe62f36378aa645f5510a63b9d633f9685bb72f6dc0

    SHA512

    931babc77e041c1f57c551d84285a8509b4089202c0a0c7a190c64ea9a210f6abd8b466d6e11e18087e4e0997a04e8c8643664a86f1bacf991fbee20bb18027f