Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    07-08-2024 09:19

General

  • Target

    9b7cb0d74bb5bd65005d4bd3ee85b230N.pdf

  • Size

    139KB

  • MD5

    9b7cb0d74bb5bd65005d4bd3ee85b230

  • SHA1

    ecda81854b4640f560c5b7b847fdbb632e91ab2d

  • SHA256

    a8d9379583cbc15572ee34ba2724727ed1fd3d6a0614e2ec9050d5b1a6b48cb4

  • SHA512

    5571197a38e40c1570d0d8990b0eeb56441128f97d05b3db70384623e0c690e5365eefb87c1b1fe9267f83f27e451ec56ef2e741a834a0b7ce3cd1e3add57b59

  • SSDEEP

    3072:E9CIhFzi56CLq0mahjnvBmH7mBjZmfdQ+o1Yjr2qJ:EHFzXNKjnvB+mqfdnoev

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9b7cb0d74bb5bd65005d4bd3ee85b230N.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2884

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    e028c0801081c48ff6dbb3268189e9a6

    SHA1

    ea2b84853473edfccae49e44139826987708e323

    SHA256

    9de4bcce1099f0c155b35ba3420bc2528906d0933d81a8814d17147abea7f0a7

    SHA512

    afb31dfa0ad6672bea4a0416213e5b4dd95ec42c6da280a51fc4b5742939041cd1acd0168cc7021ea6e1406102d69e2a7cb018a86710cb83ace3ac0e3f313844