Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
03-09-2024 11:08
General
-
Target
6d11eff7a3ef15bfd719d81eb8db82b6d9a0b8fdfe2e2b620c52205aef437f0c.pdf
-
Size
75KB
-
MD5
8373ecb8ee98b352da2cd58b2473eb0e
-
SHA1
26024a5feae92acefc1549c554dd5db75409beb0
-
SHA256
6d11eff7a3ef15bfd719d81eb8db82b6d9a0b8fdfe2e2b620c52205aef437f0c
-
SHA512
0a3d8c0071eb848e88b009caacbb0e74e8606cd9fbaa63dcc11628155c8f40d1fcd370301e3aee1bdf19f77ea2efcbbf4fa9d4001718649cd8eda1b87ee594a7
-
SSDEEP
1536:sp8ix8M8W9IAputVq7Iok7meS3PffjDUqSSC73taVVGW8pOGvPAGjlIWXJQH0Vuv:ohX8W9IAputsIEZ3fj4qS7AGnlnjVuGY
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6d11eff7a3ef15bfd719d81eb8db82b6d9a0b8fdfe2e2b620c52205aef437f0c.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53b971d36d40b2a6a22a937ce633f7d4c
SHA153e0ed8a90cc30c38b4bbaf6854dfb9d228ca1dd
SHA256a7a2174b41147101ff0b4a9f2f7c8546147bb407c4efd1df5242c9349acf7d27
SHA5127d722eda7eb9c9e6335a0f62c3d0af5a1f7fa8e65b755856ea92994395b37b7fef8c66c096ab09a10eac153219bcffe1c608234e30373104aedd29a0f8c3ea81