Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    18/08/2024, 13:23

General

  • Target

    5b9ccc38c7fbb391f4a8ee2c1b8f0550N.pdf

  • Size

    154KB

  • MD5

    5b9ccc38c7fbb391f4a8ee2c1b8f0550

  • SHA1

    cedcfedb8c3975f1bb3a92fda714e20415c43e08

  • SHA256

    48d3788ef5ae2bbcfc8c0f40f0aaf837f78aae8214a84c6b659e5187aab76a3a

  • SHA512

    d47c34f25b48e5f6b6d08d23d42b962930f3592a6d868c1ecb7f7494db8cf7877cd6050dac7b0289057b53af64af2ee5e636aa45412694470aaee8150f33433b

  • SSDEEP

    3072:4X7Xi56CLq0bahjnvBmH7mJjZmfRkQ+oINOV2eGRPYxQcRlLaj:4X7XXsKjnvB+mif+noIMViV

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5b9ccc38c7fbb391f4a8ee2c1b8f0550N.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2072

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    bd3d9274a42c9e434809fe8b7e6d44c8

    SHA1

    24a927985d1973aa67c65623ec1526c5e72080e7

    SHA256

    9f71d82a11109e8b305ede195bea8d874c8a312402941737ec77dfafc0b3d86c

    SHA512

    4410b8f762f84322820a42d55bffbf15bb613b7e0fba6adfe7f144125ae0dd07617cab70540d28abd6bb5e096e06603e049d2b99b50f8a38e200f69ea542b38c