Overview

overview

4

Static

static

4

Journals -...P).pdf

windows7-x64

3

Journals -...P).pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    103s
  • max time network
    104s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    23-08-2024 15:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Journals - Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP).pdf

  • Size

    311KB

  • MD5

    bcd44ab30a1ac8b74c4ecb6811857c86

  • SHA1

    a45ede8b7ccde6a3ce9615ca5273b79107140334

  • SHA256

    6b4318154ac11e5377fcbb4346c3a8e969c2c0723985bda95d11203f6b36409a

  • SHA512

    1be8f46f1ec502dbdc42936a8ba4200943cec7a28b4e7e95c725940e508c2db75970bb9e9097f66d7b4b0f18dc9fcfc85c12d4a403568cf18fc1d149b51f4712

  • SSDEEP

    6144:1YIz1zaiPx0f8PydQYu9RY46H6bkm1yrJSf:1Ya1z350klYAu4G6bkm1Gcf

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 63 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 16 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Journals - Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP).pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.blueeyesintelligence.org/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2788
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2788 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2736
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2788 CREDAT:1061909 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2500
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://www.ijbsac.org/article-submission-system/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1184
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1184 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2612

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    88555da6fb503af49bae3f1819958171

    SHA1

    4e7087b39af783a90eadc3debd45c34338e767d6

    SHA256

    e15e26fb030e0bb92a7577d3d4e80d47030e6621be87a01a00d59a8692916485

    SHA512

    310df216b4389ab424288cf796b137c65d6466f8a344e355d12c4f398320fb9c5659b995d08e8c3c21d67be30757ff429c41ec4c7e036da00f31b219d9b8723e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62005de7d5a86ecf206f7929f2b130e2

    SHA1

    b8c991c0f48e6cd160ab9072be18d35aa13b41f2

    SHA256

    e5507c3bb8d7595ff3f63acd518642b2dc49c3bbdc6887749399bcf9ceaeb040

    SHA512

    1057756799a6777654a7acd8ad83d7bdbc41f335bdadf873b365c5746686c9e5fc153ef3dccf5b336832aec86d3da7e37c86baf41019143cb17ad21a531173a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8f1e2cadb48764a7c5a492fa47a88d5f

    SHA1

    22bc70af9dd795c7cb344a888eb4c5c47568ef6b

    SHA256

    900bfba58a1778a278f1fa8334ca296072069048b8ed4356d32ea1346e7a5dd6

    SHA512

    907ac81a169d0a3633e0efdb9e3b60ea871ddc2824dccf311e0d6f2f41f7da65f5fd4064270739ebc48d2b5d989003418449746c14bec4655dae3b70a817d09e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8e22e4028d940f63b96ce7efde5b67eb

    SHA1

    dd5d4c1fbc3099306a6da57592c70d8177d05fe4

    SHA256

    7a850f7816e90d489aff0876bd8f32b1f172765a14990261896b6e7879ed1219

    SHA512

    41c7e7631506cce026bf7b5a8bbdcd5f9c521ca03bc503acddb12da214c99cacee78447ff096186c710e15203a034158dac2bf163ebff10db3589ff9e60b68c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd8673f4c2371aac065a821606902bf3

    SHA1

    960b02c29c47ea036017d98c214f05a425528f05

    SHA256

    702a3ac6413fc57f6f624001c5c1c88e71d9a1edacf3787cf008fa1f8ac8d111

    SHA512

    f03ac1e08f2f4b159121fc6071b4476b9440f45ca99df81dd6e6e1bd60c48b95670831db3b7352f50e26374304901e0c1adbe81176ec9492da06940c80fb749d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1789c707da6715117cb959d6659fdf1e

    SHA1

    db5d9786d1f6a87a79f24799efd7f20e8a8544d3

    SHA256

    3c950a3fd2754401c54da1f8cce47dc0218c6403a655aba9bb9f5f4c89a2301a

    SHA512

    0cf0b3308c9467140387a306c3eca0aa0fb0fbf3251656145992384a4c248f1e06a7cb211b6a5f0152ac535cab62aa8f260f2732f7a0cefaa382887ce10c5770

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df5c7aad3e6a5d5697c818ea907972dc

    SHA1

    c49b1e6f1c14e6de5a64e9393b1645b3d011408f

    SHA256

    94065b0ae81bdf18d2818438eaa5be669e44f62e9112cd2261dbbf59a39404a3

    SHA512

    d5dad2443329f12ac7e83aa312f662d1c030224e2734565a94f9f9859ad006c552d9bff246cf9f75729c54654aa5eb6a64c64821343de27229e60f2d5733a4b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e5dcb41ddc109d06da384888857f85a8

    SHA1

    34bd05addf32c48ecd3a46818f35824a0abca9f2

    SHA256

    eae7ae625bcca50fdfd3616ac8822b7e960687400ec6ca0278c44727e4d17a43

    SHA512

    5155b519d57589abc09a4228f27c9c5b3ca8091861c93bc6def1ca959cfb757ac2a5681c40fa86473997e6e20612c79240895d63ae6099c519e6bc334ebd1878

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31b22107948b76741dbd9bb5280a0d4d

    SHA1

    ca4a734aa1b7570ba2ef4b9465c2a58de942dbce

    SHA256

    f6512234693f609a68aa492552c35456974ddd6188052297c3062b03b5db2e13

    SHA512

    6e052a3f916617050ca0bb11e0301102a7b6157f5989351a6b87d2f3ccd421591cec4dcb4df9fde915e9aa38246eda5009c6dccc1079fbb55c6eb69b8b6a79b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2647eb7ab206ba4e05a8adbb86bc2d26

    SHA1

    291d2962c230e7e3114db6fd13e128808fe20dfc

    SHA256

    d45264df590323998620400e103033acdd8b00e9abe4e4473994dd87a94843ff

    SHA512

    6261fd30d7c716fa60d5496ae11a6f79ef1468faa723e161c9ebdb087841be6a0e03df85fd0a53f9959ecb527d14294286412f73aa9fa18b1110ab1539532136

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5e02d379a60c8169f8bb53ca59321a4b

    SHA1

    db10624674163b96d08955657b45bb64a2e50a4c

    SHA256

    183863d20b83d2718464477e5dc768a396f6e747443dfabe17ad3344a3327f95

    SHA512

    c9399ac0a0cc643fc150d9332a0b37a5fb0b132733dbd6075f0e10ce5ba8977a9346408027dca57626d3a6692d1c6776a714637a6138e821b522720d34a3fd39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b27869f8b8227151249963417e67ec0b

    SHA1

    eb62396c84af53e2c27c2ffe628bcc87eb2402b7

    SHA256

    d40f16929e3c6d0c054af9851b80956c70501a6c920e7e56df73c4952a80a869

    SHA512

    93a1b634eb99d520d930f3b19850e698742521937071eee659ee67662209fc8338f2959cdaf160fe964c77a565c10d0ca65d4a4497a523143b9225782c9dedb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19c79c3084fff9753fcbb601216869dd

    SHA1

    2f2ec61db3610fed885fceb0190cdf1ec75f2fec

    SHA256

    6a2dd561d4e0a291eca1121f30f25e91731c9765be2052919e321b867716c561

    SHA512

    61ef9a3fabbfd19adba752e3f499048dcdf7d331bf40d1a48ab1d837151e1ab42d4ca92f8dedfaaa4e0b911cbe8c639921ce1ebb8a5b048a60602c1096b3acc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d097267a84942dfdd61b78edcc45ef24

    SHA1

    49419f8a1bb8d79585f241e85937d46e46985465

    SHA256

    264f01f926176996ab680aa64ec7dd6e4168db70e55d8ac88928533d04eb4fad

    SHA512

    645a5b1a8a57aa17d4656c895cfbe08132e70b81680e7947d3e2b12d99a8f45db68c607a52e0aae6e58f65ac5d7d7e1bbc5b8f98051f65c62ecf1ec356fb7ee4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89065ce1592ce2cc834102ec6fd4b819

    SHA1

    e83df60665fe1aba0aa7fa1a6671b5740b1c29f5

    SHA256

    7e8443fc7221ca2c65c7f16d241f49d1d436e086891c93befc653c37b5185b67

    SHA512

    156db711db6a04e198d28f44b6611bbb8336be92d6e190ae8b56b298fe1c0f448226c5af517bc06eb56e50040ea6305c5141557afb5a5232fabe3480c184d9af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aecf1c45610a268f8c6491a72a1a239d

    SHA1

    d29792194d441bc21210937273803a40787bc6f5

    SHA256

    757c03eaebfce955d8dafd107fcf5ec437dcc285cdfb8895e405b93c45be02f8

    SHA512

    244c50627cb564d57a87f08d6d2e68985327cf2bdb635b209c6b9223fcf9376f0876e87253b784ed2d9d9df1abe847a0bd965c7cedd1aa18ced3b491d3c90296

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8c2724501c88217ac6ab165a1fdc232

    SHA1

    ce950e7214702284fc6797012abf22c880c5ee74

    SHA256

    93a71e44d2a511cfc64ee098335d393ad9c8ed809910c694340f94730a858188

    SHA512

    93b1d92d058d5f127ff045b3b26467ac8137ff854ac85041615d233ff25dd64f7b3030e453f29f7103214b4fbdb52cd45875fdaff6fef7ecbd3f09a819da750e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{3A9B0651-6168-11EF-88E0-C2CBA339777F}.dat
    Filesize

    5KB

    MD5

    fd8088bbf64dddfbce743f77a0ba67e5

    SHA1

    b176acfe6e4f4d1af556732fc18961309864114b

    SHA256

    e1d4331aa166fd4bb97088000a897885052c92f71588c0998a42e2f361d76bfb

    SHA512

    882929c3fd81f3989a3469cffb65ed2c32be7dc461d76a98b5e4d437824d5c2f67ef095f609d0d79bf3b2b322f426f1a56485a95044806fefc12451a098f1f2d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{EF48FCC0-4DC6-11EF-9142-CAE67966B5F6}.dat
    Filesize

    5KB

    MD5

    7cbbea5b3bbf4128ff7e438e5f60d0fb

    SHA1

    5e6a043cfabe2fa4574c7bb72d105a79feabec53

    SHA256

    be242dea2adf2278bcb47832d9aebb6b5f822301948129f6f6d57bf6edcd11f1

    SHA512

    ca2466fe2ac9e852fa5ba1e73dbd561f4d60e763864f19bdfc483acf39f6eae2129d450f08916ec87e9222acb79efe4014b3d01203f6a2e862870d146c27f08d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{4B4707B0-6168-11EF-88E0-C2CBA339777F}.dat
    Filesize

    4KB

    MD5

    a6ddd31d74deea950a3828544a2225c4

    SHA1

    17446b5cc273440120ecb241b700999ceb2c150a

    SHA256

    64c6faefbd1549bee00fda7fd44b77d47fc62117da70503f557f9ff7b00109ec

    SHA512

    0e5ac34f0b3bcac8915cb1de9ecc388dc6286d5d14d8c030e56eeaa55452797d00b042c0b0093b2dd1e47ac5133d4142c09ca0e3765480b841fc0a10dfc927d3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{4B4707B1-6168-11EF-88E0-C2CBA339777F}.dat
    Filesize

    4KB

    MD5

    0d015dc90bca4650b1f0981dd0b51aed

    SHA1

    8173357854f18aa0fd63619a3c7dda4e33bda21b

    SHA256

    3dd04637c6ab492ad737058d184c395b3668a17376bbd836fc3a27a430637adb

    SHA512

    8ee0eafd7dbcd3a6d94e199ed68324e18c6ae073aa7031f7838611c197277dda1404122c78a2dd9a6f98ded3ce06c96aca9837d80c1901b946547f85bc9dd5b0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA0F4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA1F0.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DFFE8C7235028DC795.TMP
    Filesize

    16KB

    MD5

    5d526d8cfdd91928138e3982be1343e3

    SHA1

    4c4144c373d9d567b9d3208b5b2365983dad80ab

    SHA256

    86f52629fcf11595038f8d6cb5c90cc1d3c10c9641397793aeaf99bdfef6000a

    SHA512

    58d4b7f82d258b5505aa86cac761ebb004bfb71f20bb0e20647a23013dd409c3bf4fb3162b3b9ed9a303dea75a57252b2dd36cb519ca4fbf730d23f729c08bb1

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    7b7b2abd947ac2ca641259f1b1ae76b7

    SHA1

    10ae3d7995665267da335bfd0e0751f9f43fb934

    SHA256

    8b8e135366d9d33562406003d1dc0042ee9abbc47c209fe40e970fa6cc6466f7

    SHA512

    3b0a0f42c48c9d94062d99ce197afca819e0a4b5da932a86d014c51d504dc33d04cb8f6a8ed8277ec7d7563538c6576cf677fd652e0ad5dd059bca74f8e6747d

    Download Submit