Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
18/08/2024, 13:23
General
-
Target
5b9ccc38c7fbb391f4a8ee2c1b8f0550N.pdf
-
Size
154KB
-
MD5
5b9ccc38c7fbb391f4a8ee2c1b8f0550
-
SHA1
cedcfedb8c3975f1bb3a92fda714e20415c43e08
-
SHA256
48d3788ef5ae2bbcfc8c0f40f0aaf837f78aae8214a84c6b659e5187aab76a3a
-
SHA512
d47c34f25b48e5f6b6d08d23d42b962930f3592a6d868c1ecb7f7494db8cf7877cd6050dac7b0289057b53af64af2ee5e636aa45412694470aaee8150f33433b
-
SSDEEP
3072:4X7Xi56CLq0bahjnvBmH7mJjZmfRkQ+oINOV2eGRPYxQcRlLaj:4X7XXsKjnvB+mif+noIMViV
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5b9ccc38c7fbb391f4a8ee2c1b8f0550N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5bd3d9274a42c9e434809fe8b7e6d44c8
SHA124a927985d1973aa67c65623ec1526c5e72080e7
SHA2569f71d82a11109e8b305ede195bea8d874c8a312402941737ec77dfafc0b3d86c
SHA5124410b8f762f84322820a42d55bffbf15bb613b7e0fba6adfe7f144125ae0dd07617cab70540d28abd6bb5e096e06603e049d2b99b50f8a38e200f69ea542b38c