Analysis
- max time kernel: 118s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 01-09-2024 02:01
Behavioral task: behavioral1
- Sample: 42c7e405e56ef44b3a73f6e7c871046ac18522292658780f4aaa1f6a64d17a2b.pdf
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: 42c7e405e56ef44b3a73f6e7c871046ac18522292658780f4aaa1f6a64d17a2b.pdf
- Resource: win10v2004-20240802-en
General
- Target: 42c7e405e56ef44b3a73f6e7c871046ac18522292658780f4aaa1f6a64d17a2b.pdf
- Size: 81KB
- MD5: 7b8dc07c6b30d59c0dea60cd53466db6
- SHA1: 6bb63647c99a36a3bc4b8fc89db6d5e386f104f4
- SHA256: 42c7e405e56ef44b3a73f6e7c871046ac18522292658780f4aaa1f6a64d17a2b
- SHA512: 4de5ae0793609f47670ae4b4f5ee89423367396b49ee9b40525ccc7355f62ce9c308a757f60d74530233f029648236c832d1c27975ed5fad58a5358fcdfd5c68
- SSDEEP: 1536:YiqTb/gjrqypvDDwTGrSU3oVJSCj2IIUd0DKlu1aSWOpOwrKWd6A48FPixDS/s:V8+vvnw4Vo5IUmD6G+wrbX4kPixD7
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  pid: 1528 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 1528 | Process: AcroRd32.exe
  pid: 1528 | Process: AcroRd32.exe
  pid: 1528 | Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\42c7e405e56ef44b3a73f6e7c871046ac18522292658780f4aaa1f6a64d17a2b.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1528
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: b95dcb3c8e32eb0468889e20071c3d3f
  SHA1: 863fd4b6c61c9de407a39c826e150f604232134c
  SHA256: da423d5d0b059bfbea43c0f396e20679e65422b6273bb9296503516d0700a56d
  SHA512: a3ed86400db1cd4caf55de9ece57cbe436d49c1f0c99cbc5c6f0b7329920a0c847fa3e7e195a074e9c4cf3ed514d65430354ff30ba055de232ffd67642db9de2