Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
22/08/2024, 18:00
General
-
Target
1900ff959c377d042f3bfb9f195fb3a0N.pdf
-
Size
151KB
-
MD5
1900ff959c377d042f3bfb9f195fb3a0
-
SHA1
cc58005de30009b2ba94c8196f88617256803513
-
SHA256
6097d6890898d7c106d61d46b8ef419f85f9f2d9c41ae7515cacd98539c3bfce
-
SHA512
f03d315b73f69e2b891ce1988f49f067f7d91c4e8ef4b68281f1f4b71d02ac8143644aff48e252ffa8be8ea8728ec5fac8083522e3e6416a49098077e41e70d4
-
SSDEEP
3072:gwbi56CLq0NahjnvBmH7mCjZmfPsQ+ouldjSS3DGt0M:NXyKjnvB+mPfUnouPTSn
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1900ff959c377d042f3bfb9f195fb3a0N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f336b208cf5666a35b7d48920a02c768
SHA15379f2f5fd798f62873e7e77c079668396f07c4b
SHA256952c3dbff592b53789cef73ccc202c6c1495d4b69303db87a9c759af143fd303
SHA512adc4d738c06d6ee7e7c1486d8d5dc7151bad66deb896abd7186c9192ef301aa6dc85ff7c8044f223ef6dd52540fcc957a422f9b20833128b0366c12b1f9a70ae