Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
23-08-2024 17:22
General
-
Target
INVOICE-bad.pdf
-
Size
1.1MB
-
MD5
8a2ffa124ad0bfb4eacb6905d7c05c0b
-
SHA1
ea3d17cefd6f3d9b5db7ca86a7c5cd6c85923c92
-
SHA256
48c9fce99053cb85b5311a43f94159bfac617e5ac8ff076f6c6b77a2e28a73e3
-
SHA512
ff1e22eff21c69a04e1283e6ed8fc27e4090c4c3ba5c4fad4969bbec05b01593c1031a948d0fc861be25c482168ebf8f16c40e23b7a3e4dfcfb906349471fed4
-
SSDEEP
24576:lLIEPf2XJoCQW0cP0uW4yGo3hjkAAh2Gjzrtht/8:lsEnMJNWubhoRo726rx8
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\INVOICE-bad.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD57dd49899223b70aa81fae444c86d35a1
SHA1f1aae3d1ef8cd2c4407337611a5491fbfe4ed92c
SHA2567f859de3beeedcef4c3dbf40a9c97edafe1503186f2130cfe1d84c7ab8928684
SHA512fd129fc664f87a36a70ef21a361d36365416c7909fbef4afde774deadddd95dadc0124137aa6dc998319f312b77672f7aab2ba3f82dfc4f34f41bc9a04147ddc