Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 01/09/2024, 04:42
Behavioral task: behavioral1
Sample: 748d518e12dd25b373afff1261ea307cab181f7bcf4f89dd272b17ed13f36148.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 748d518e12dd25b373afff1261ea307cab181f7bcf4f89dd272b17ed13f36148.pdf
Resource: win10v2004-20240802-en
General
Target: 748d518e12dd25b373afff1261ea307cab181f7bcf4f89dd272b17ed13f36148.pdf
Size: 79KB
MD5: 5ecff318ab6bc9fd2a43576ca2e63b6e
SHA1: 6bcfc2fad369ee942abcffb1e878940275b5b4dc
SHA256: 748d518e12dd25b373afff1261ea307cab181f7bcf4f89dd272b17ed13f36148
SHA512: b1a56c03333bcaf4f504dad8cb69a8f621875300dbb598389b06d99c6e99d9a94fb6ae417ae931796e4f163e2fe99421027233a3c2d5db683776e461646c71be
SSDEEP: 1536:6Lt0yuJ5ulXzHlR3wU2UxSszrnM/CSEFbwXmWJWn5yxFR23zDWspOSF4M:xSjjB26SGrvLSNzE2S9
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2088 | process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2088 | process: AcroRd32.exe
pid: 2088 | process: AcroRd32.exe
pid: 2088 | process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\748d518e12dd25b373afff1261ea307cab181f7bcf4f89dd272b17ed13f36148.pdf"
PID: 2088
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: bfa7d1e282b207b303eb14387bf5dcd3
SHA1: 3f4923d8292d3e980a745e26ac37be306c2460ae
SHA256: 81bb73e79f1aed885a879ad3c602e72123ffe7ec04f2109720a760629c0834b0
SHA512: 624d404f5987db1f6f3ed19e3bf8801bffb6bc6adfe98e283479788f714f637b92c4e2067da1c4ff471b39ac8e5c785c40c54fdfea59b2c86d91922727cbe158