Analysis
-
max time kernel
95s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
23-08-2024 16:20
General
-
Target
Szavgorodni.pdf
-
Size
37KB
-
MD5
1a9a0238d3e567294f18ae5fcce242d8
-
SHA1
fb0889f64231f31640fb4d7b8b5a2f673d9497aa
-
SHA256
a82bc84c8b490c2318856995e8b6a20bdc973d930152827e97439439bdddf4de
-
SHA512
bff392df9bd561eeb161327bec8461ff3fca52a59797af109898bb12d8e9166bc6ce820f99e3b3ebf17d4f46975c76abedbd76fe452a19aefd3c2782277d52b2
-
SSDEEP
768:FSIammSN+AROFk+GO3TDBFM5WiqELo6c0yLTuK1I2WYddVBBYz:FS3mmSN+aaUODlM3Lo6c0yLTuX2VpBBK
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Szavgorodni.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f47f1c200ecbb38220e52f6debbad88e
SHA16aff2c96f9ae704de43cf8eb5b09193a7e9e55ae
SHA2565fbcd477d001774cf1207b521c1792de0df09055683069278b66f279326b4718
SHA5125529f5da67ce3b2a08130491b53bb3bd1eed049432ab6c05d9e8f677473c0fa4ca1e956f19a1860dee3dc129563e346244d8fafb5477219b8c9dfdb08d3fe700