Analysis
-
max time kernel
94s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
01/09/2024, 20:12
General
-
Target
de63212b485d12dd5f25c46460123456a6f6cf2ae486a14b7d1def7a6253fbb7.pdf
-
Size
77KB
-
MD5
9c6b8e9f2642d16d38afc00e15269255
-
SHA1
2007d5020dd77bba4063dafc74cea83751e73daf
-
SHA256
de63212b485d12dd5f25c46460123456a6f6cf2ae486a14b7d1def7a6253fbb7
-
SHA512
e3c2347462566993e2852e30f9edd49272d0017d7225db9f788972d0779cc7c16db922bfd7b9f3354d9b9c337ce99adf50bfa1bee9bff2adc73766fa90c2a826
-
SSDEEP
1536:rtcydzQfaaBVXHhUVlEkhsFfRkPu61Wp/Q8HNAmm4WepOix4nK8R6:BGfZRhUV+qsFOPPY/QjmmFiGKd
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\de63212b485d12dd5f25c46460123456a6f6cf2ae486a14b7d1def7a6253fbb7.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50f3b320982690037450aec0923192881
SHA10203a3e5d54ae6128f58594e753f09d1a7dc5eb7
SHA256dbda1513aaaf63decd4d7c524ed212c230d8eeaf5c1f60b705aacfdede862cb3
SHA512f315c6b764620efd5d852393e8382cf403a37a50fada7add9362f356f1645cd659cbf90428a085361dd12ea43309fe93d2694495799596cbe10c3ade4f532da9