Analysis
Max time kernel: 118s
Max time network: 123s
Platform: windows7_x64
Resource: win7-20240708-en
Resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
Submitted: 19/08/2024, 09:59
Static task: static1
Behavioral task: behavioral1
  Sample: e2babcb88401bc5b010f3bab5ae84563cfb606bc9e22357dfb7c09adaa10d7ce.pdf
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: e2babcb88401bc5b010f3bab5ae84563cfb606bc9e22357dfb7c09adaa10d7ce.pdf
  Resource: win10v2004-20240802-en
General
Target: e2babcb88401bc5b010f3bab5ae84563cfb606bc9e22357dfb7c09adaa10d7ce.pdf
Size: 20KB
MD5: 4486db5e198feb8e49775ad317f8ed2d
SHA1: bf02f0c2e0fa6fc00aa55b64a86daabd7934e5f5
SHA256: e2babcb88401bc5b010f3bab5ae84563cfb606bc9e22357dfb7c09adaa10d7ce
SHA512: bcebaec80e0f22eee28096482a8e4dd8ccde09cee99f1e3f2f63cbd52d7d39453adc551c87e49edde9b2aa0fd4506cae993d1e88db775c1537881f1aa09ccd77
SSDEEP: 384:axla+makK9F/i/be1Xrk7S8VxbQfp8+ZZ389tm5nljCZ8OE7xASUlrEQMr:Qla///bU7kHsfp8+jksRatS2Yr
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  Description: Key opened
  IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID: 2516   Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (2 IoCs)
  PID: 2516   Process: AcroRd32.exe
  PID: 2516   Process: AcroRd32.exe

Note that every hit is attributed to AcroRd32.exe itself (PID 2516), the Reader process the sandbox used to open the sample. Reading the NLS\Language key and installing window hooks are routine for a localized desktop application, so on their own these are low-confidence indicators; they do not show that the PDF executed anything, and no child process or network activity is recorded in this run.
Processes
1. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
   Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e2babcb88401bc5b010f3bab5ae84563cfb606bc9e22357dfb7c09adaa10d7ce.pdf"
   PID: 2516
   Signatures:
   - System Location Discovery: System Language Discovery
   - Suspicious behavior: GetForegroundWindowSpam
   - Suspicious use of SetWindowsHookEx
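The behavioral run above only shows Adobe Reader's own routine activity and says nothing about what the PDF contains. The next step a practitioner would take is a static look at the file for the name objects that make a PDF do something when it is opened (/OpenAction, /AA wired to /JavaScript, /JS, /Launch, /EmbeddedFile and similar), including names obfuscated with PDF's #xx hex escapes (e.g. /J#53 is /JS). The script below is an added example and is not part of the sandbox report; it does not examine the submitted sample. The two PDFs it scans are constructed inline for demonstration, and the name list and verdict wording are the author's choices.

```python
"""Static triage of a PDF for active content (added example, not from the sandbox report)."""
import re

# PDF name objects that commonly trigger or carry active content (author's selection).
TRIGGERS = {"/OpenAction", "/AA"}
PAYLOADS = {"/JavaScript", "/JS", "/Launch", "/EmbeddedFile", "/SubmitForm",
            "/GoToR", "/URI", "/RichMedia", "/XFA"}
HIDERS = {"/ObjStm", "/Encrypt"}          # names may be inside compressed/encrypted data
SUSPICIOUS_NAMES = TRIGGERS | PAYLOADS | HIDERS

# "#xx" inside a name is a hex-escaped byte (PDF 1.2+), so /J#53 is the same name as /JS.
_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
# A name token: "/" followed by regular characters; whitespace and delimiters end it.
_NAME_TOKEN = re.compile(rb"/[^\s/\[\]<>(){}%]+")
_OBJ_HEADER = re.compile(rb"\b\d+\s+\d+\s+obj\b")


def normalize_name(raw: bytes) -> str:
    """Resolve #xx escapes so an obfuscated name compares equal to its plain form."""
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")


def verdict(found: set) -> str:
    """Summarise the scan in one line; wording is the author's, not the sandbox's."""
    if found & TRIGGERS and found & PAYLOADS:
        return "active content wired to a document trigger: inspect before opening"
    if found & PAYLOADS:
        return "active content present"
    if found & HIDERS:
        return "object streams or encryption present: plaintext scan is incomplete"
    return "no active-content names in plaintext"


def scan_pdf(data: bytes) -> dict:
    """Scan the raw bytes of a PDF and report suspicious names, escaped or not."""
    names: dict = {}
    obfuscated = []
    for m in _NAME_TOKEN.finditer(data):
        raw = m.group(0)
        name = normalize_name(raw)
        if name in SUSPICIOUS_NAMES:
            names[name] = names.get(name, 0) + 1
            if b"#" in raw:               # the name only matched after de-escaping
                obfuscated.append(raw.decode("latin-1"))
    return {
        "is_pdf": data.startswith(b"%PDF-"),
        "objects": len(_OBJ_HEADER.findall(data)),
        "names": names,
        "obfuscated_names": obfuscated,
        "verdict": verdict(set(names)),
    }


# Constructed sample documents (not the submitted file). The first carries an
# /OpenAction pointing at a JavaScript action whose /JS key is hex-escaped.
ACTIVE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj\n"
    b"2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj\n"
    b"3 0 obj << /S /JavaScript /J#53 (app.alert('constructed sample')) >> endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n"
)
BENIGN_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj\n"
    b"3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n"
)

if __name__ == "__main__":
    for label, doc in (("active", ACTIVE_PDF), ("benign", BENIGN_PDF)):
        print(label, scan_pdf(doc))
```

A plaintext scan is a first pass only: names inside /ObjStm object streams or FlateDecode-compressed content are invisible to it, which is why the verdict calls that case out rather than reporting the file clean.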
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: cadaf13a58ba818ad0222fe9836d67ec
  SHA1: c1d21f4fc35f6e70794085ba8016197bcfbfe9fb
  SHA256: ffecc7bc3a3e42f5033bb47df21406e9317b4ef7153d140e087a3aa22e6f11af
  SHA512: 2a969555b8669dfa3ddc8e4fec053c590eeb28818e23070c58b50161d8111ae3c839f38325cf670943775ad6a683b5fbf248d1fafda70567503c3b4082cf4930