Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
03/09/2024, 12:37
General
-
Target
7b5956938e140e5925e4a75d1d44fe341df8c4549e4eddfee4ba4e6fdd2f8a8e.pdf
-
Size
97KB
-
MD5
edd64dd22b0012c2fca7044dee40b428
-
SHA1
efa1de79fa933f83f58e5528c55c15ef29a7f364
-
SHA256
7b5956938e140e5925e4a75d1d44fe341df8c4549e4eddfee4ba4e6fdd2f8a8e
-
SHA512
4d844e6aa530c6ca0f17d83768b21761fdf41a6c02a8159948ad5f07b6c63574017f2a35e18ae5109ada0a09cbdaa009dac554f2ffe68e0aa982af6254a64c05
-
SSDEEP
3072:jr8+H7dK4SHgQCw6ERC5tW+uID5/uET107rs0z0Wcx:jF744Yg2LRctW+BYl/Zk
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\7b5956938e140e5925e4a75d1d44fe341df8c4549e4eddfee4ba4e6fdd2f8a8e.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5ed394be25be93c286b5449edbf770c08
SHA116682bc3ef2741b77ec942dc1a483518740b0626
SHA256f2362c4ae517abd1c683f0ea5d0c9ed1b9d6475081621de924871e74165a4b03
SHA51206bc0c054779e82efdb1ef58a10cd9640bb7baad69d7eb30a3d71dfdc776c85be6acd29a81f717b42acb9c133e298e05af574df93a968b790f2f1472275fc666