Analysis
-
max time kernel
117s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
01/09/2024, 10:07
General
-
Target
29ddd7248768a5f9e7dbd5c61ec1057f1997f1cd28fe2d7a2b1d03d177e10d86.pdf
-
Size
78KB
-
MD5
1bce5e02b734862ce567650985217e9e
-
SHA1
2ecf0fcb8ff448c49fdfb274f333026ecf90d1ee
-
SHA256
29ddd7248768a5f9e7dbd5c61ec1057f1997f1cd28fe2d7a2b1d03d177e10d86
-
SHA512
472c5d10eaed87f250f7341123dfea40061b711697ca4a764f2dd7e84776fcca93ad2a7d4c9c0444a70ee98450d1f088d93f8310aaee024bea9d458e4ce05b02
-
SSDEEP
1536:5dsVn+WqtDOGMO0nbIpvrkXUfOTVci2WOGJOWEl4F6/WCpOVi5A+09upi:KnJqSTn0pvrkXUfemi70G6oVi5A+095
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\29ddd7248768a5f9e7dbd5c61ec1057f1997f1cd28fe2d7a2b1d03d177e10d86.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5139f20c303b66a1b44f56dffed99a42d
SHA15d0e511f384a1e0a10cd400c45edbd1c16c8cfe2
SHA256bbfb7655be36075ffb189d03ff36e82876f22b16df7bfc8fbdf53d6611a41895
SHA51294c42cb8966968e22b72d701ae67dfe4a3dd3556f43b299afc5bab1ed281d6d523494b4dcd1b3294ef6c9f28b943e916cb486d8387c104bd88a8958262e6f18f