Analysis
-
max time kernel
21s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system -
submitted
07-08-2024 13:54
Static task
static1
Behavioral task
behavioral1
Sample
STATE.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
STATE.pdf
Resource
win10v2004-20240802-en
General
-
Target
STATE.pdf
-
Size
677KB
-
MD5
273a419eb61efae21dcd04395c2dba1e
-
SHA1
fe5bb0a2285ff5251884fb1bb696a30477f47073
-
SHA256
b0fd90d391da71f63bf29813877d774e01d31fb964c2b733616a01f77cd26226
-
SHA512
c1a8d3ed08e5e0b987b090e82c8d7184f762b32d44e71ea0b602f2afc081c90959027e79b5c9354081a603576c9cd6f5092134eef658cc5b57e27eb6b5b3f626
-
SSDEEP
12288:uNiaArbBJ1xjI/2BB8jWOlgqMpM3mt+NPAc7NRpj6ymrHU5myyY:uNiRtQouS8gpMW6IUt6/HUgzY
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
1316 AcroRd32.exe
1316 AcroRd32.exe
1316 AcroRd32.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
12e306c8806f9a07afff339475eeb642
SHA1
fa573c31ddabb6c1cd8bc55caa0e1b5d5c051d49
SHA256
dd1ca64da7684965e3bf4a2f0ac08f3dd9d2a01364ed64b3ecf6c8983d41fa40
SHA512
bbcdc43ee7936b3160a3c33dd252666389d1742a58feff7c8971432f30d7364d4cd007b8cdd03e9f922b3faa83a60ac9a55e22d9899f82e71953ec8b9117a9e1