Analysis

  • max time kernel
    94s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/08/2024, 01:32

General

  • Target

    40df8d2f3e3c3364f4ed6afb5bca3750N.pdf

  • Size

    154KB

  • MD5

    40df8d2f3e3c3364f4ed6afb5bca3750

  • SHA1

    3b881a846a0c7a8e0ed210e43772599d7c1512c9

  • SHA256

    8d17d2572b2bc77ea298ce7696efaf241bc70f0ef902b4b5b4e85191ac73bc0f

  • SHA512

    b47fe4765695abae45f542a6992788f6bb87ea5e1d105145c7ee14539d5e0b09e00491b740cfdf4365811780cec389bc8b7b9c3ae590b1651e093086d3d2f300

  • SSDEEP

    3072:/+i56CLq0bahjnvBmH7mJjZmfRkQ+oZtzD+avk/4pq6EpGIYQ:/+XsKjnvB+mif+no7D+ak

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\40df8d2f3e3c3364f4ed6afb5bca3750N.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2400
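Before relying on the findings above for a file in hand, a practitioner would first confirm that the file is byte-for-byte the analysed sample and then take a first look at whether the PDF carries any active content, which the low score and the single benign-looking AcroRd32.exe process suggest it does not. The Python helper below is an added example, not part of the sandbox report or its tooling: it embeds the four hash values from the General section for comparison, and scans PDF bytes for active-content name objects such as /OpenAction and /JavaScript after undoing the #xx hex-escape form that PDF names allow. The PDF byte strings it ships with are constructed for the demonstration; the real sample's contents are not available on this page.

```python
"""Offline triage helpers for a PDF sample (added example, not report tooling).

The hash values are copied from the report's General section. The PDF
byte strings below are constructed test inputs, NOT the analysed sample.
"""
import hashlib
import re
import sys

# Hashes exactly as stated in the report (General section).
REPORT_HASHES = {
    "md5": "40df8d2f3e3c3364f4ed6afb5bca3750",
    "sha1": "3b881a846a0c7a8e0ed210e43772599d7c1512c9",
    "sha256": "8d17d2572b2bc77ea298ce7696efaf241bc70f0ef902b4b5b4e85191ac73bc0f",
    "sha512": "b47fe4765695abae45f542a6992788f6bb87ea5e1d105145c7ee14539d5e0b09e"
              "00491b740cfdf4365811780cec389bc8b7b9c3ae590b1651e093086d3d2f300",
}

# PDF name objects that mark active or auto-triggered content. Presence is
# not proof of malice, but each one is the first thing an analyst opens.
ACTIVE_CONTENT_KEYS = (
    b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch",
    b"/EmbeddedFile", b"/RichMedia", b"/URI", b"/SubmitForm", b"/GoToR",
)

# Constructed sample inputs (not the real file): a plain page, a document
# with an auto-run JavaScript action, and the same keys hex-escaped.
SAMPLE_BENIGN = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
                 b"2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n"
                 b"3 0 obj\n<< /Type /Page /Parent 2 0 R >>\nendobj\n"
                 b"trailer\n<< /Root 1 0 R >>\n%%EOF\n")
SAMPLE_ACTIVE = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 4 0 R >>\nendobj\n"
                 b"4 0 obj\n<< /S /JavaScript /JS (app.alert(1)) >>\nendobj\n"
                 b"5 0 obj\n<< /Length 5 >>\nstream\nhello\nendstream\nendobj\n%%EOF\n")
SAMPLE_OBFUSCATED = (b"%PDF-1.7\n1 0 obj\n<< /Open#41ction 2 0 R /#4A#53 (x) >>\n"
                     b"endobj\n%%EOF\n")


def compute_hashes(data: bytes) -> dict:
    """Hex digests for every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison. Every value must be True before the report's
    findings can be attributed to the file in hand."""
    actual = compute_hashes(data)
    return {name: actual[name] == expected[name].lower() for name in expected}


def scan_pdf(data: bytes) -> dict:
    """Cheap static look at a PDF: header, object/stream counts and a tally of
    active-content keys. Hex escapes (#xx) inside names are expanded first so
    that /Open#41ction is seen as /OpenAction; the same substitution is applied
    to stream data, which is acceptable for a triage heuristic."""
    normalised = re.sub(rb"#([0-9A-Fa-f]{2})",
                        lambda m: bytes([int(m.group(1), 16)]), data)
    counts = {}
    for key in ACTIVE_CONTENT_KEYS:
        # Negative lookahead keeps /JS from matching inside longer names.
        hits = re.findall(re.escape(key) + rb"(?![A-Za-z])", normalised)
        if hits:
            counts[key.decode()] = len(hits)
    return {
        "is_pdf": normalised.startswith(b"%PDF-"),
        "objects": len(re.findall(rb"\d+\s+\d+\s+obj\b", normalised)),
        "streams": len(re.findall(rb"\bstream\b", normalised)),  # excludes endstream
        "active_content": counts,
    }


def triage_file(path: str) -> dict:
    """Read a file from disk and return both checks in one result."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {"hashes_match_report": matches_report(data), "scan": scan_pdf(data)}


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else None
    if target:
        print(triage_file(target))
    else:
        for label, blob in (("benign", SAMPLE_BENIGN), ("active", SAMPLE_ACTIVE),
                            ("obfuscated", SAMPLE_OBFUSCATED)):
            print(label, scan_pdf(blob)["active_content"])
```

Run it with the sample path as the first argument; with no argument it scans the three constructed inputs. A file whose `hashes_match_report` values are not all True is simply not the file this report describes, and any non-empty `active_content` tally on a document that scored this low deserves a second look in a proper PDF parser.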

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          2d2fa3bed60d45eb1e75cf19505dfab2

          SHA1

          750edf977a6409c369f88fe135647be942c93eb1

          SHA256

          59c53e5285d27b131b8d843201d048a54608f31acab23722afc2bde1309f9ac8

          SHA512

          463cded6f49f65708f7580d126526a419fde51bfa82903b94f2a12cde82528f9276434d4b2f19a51b6fc4cb51ad898a3852737e256217c8182d03f7f53a2cddc