Analysis
max time kernel: 118s
max time network: 125s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
submitted: 01-09-2024 01:34
Behavioral task: behavioral1
Sample: 6cfbd7bfdcfa4e007dc68780036d5e46d20c68ade4fc47963d2e9f599f5034bf.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 6cfbd7bfdcfa4e007dc68780036d5e46d20c68ade4fc47963d2e9f599f5034bf.pdf
Resource: win10v2004-20240802-en
General
Target: 6cfbd7bfdcfa4e007dc68780036d5e46d20c68ade4fc47963d2e9f599f5034bf.pdf
Size: 74KB
MD5: 948a38fc408b22e4c05f74bc5411031d
SHA1: 3b7a6f7b254b8702428de119d9abc20f6b95f6ee
SHA256: 6cfbd7bfdcfa4e007dc68780036d5e46d20c68ade4fc47963d2e9f599f5034bf
SHA512: 7e5ab104d9fb504d00d122515ed1066f05cd2549fbef040ed186153143fd8c17b255b939a4734c6adfa04595d6f233926be42f7c1b7852bf11fa41fa2cebcdb0
SSDEEP: 1536:B0r9aklRAwhF5BZ3LDVuP+M8cm7E/V2FJC8WRUBFHyIWspORu3hgMW+W2:ilRAwvDRLZA7I7UVw49UfHyjRaham
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 1480; process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 1480; process: AcroRd32.exe
pid: 1480; process: AcroRd32.exe
pid: 1480; process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6cfbd7bfdcfa4e007dc68780036d5e46d20c68ade4fc47963d2e9f599f5034bf.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1480
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: ff3cf9ad6046cf022cc1ee1998a332b1
SHA1: 4b5f6768d38b2dc0374fda20b862db9c464ec4bc
SHA256: 82606974d5397c07e7161f5db996a01055f86a75f0cb90aadba2d05190b520a0
SHA512: 110700b4e9e79fa655a778d313c84ce3c0bdd525dd050d0b3c7ff103ad20f1a19bc855d9b4f6d346944b9bdbf71c1036d7478a4e54fde3462e71325a11e51146