Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
04/09/2024, 11:38
General
-
Target
SOC SIEM USE CASES.pdf
-
Size
367KB
-
MD5
ead569bf66e22ab1439c1b947e5306ff
-
SHA1
8eef94dda0b7fa60addf4cf643f133a7ca8d66f0
-
SHA256
d3178e1fb973c7b95a1bb6c7e813ce091a208b1a64313ed95820623afc2624d0
-
SHA512
bd8346cb10872cb6d6438478fbfaff1c6d5d0fdcf271c19c21eaf7abae225add7abbf31513349339a0f0b9f5a60a66a0d19e9b7c6a40d7cf2cf375652935aa30
-
SSDEEP
3072:Tj1FBR6gwRWGA3AqFgRrMvCuTKyELYSdTVTlzltqkpFm8w1l5C8oiE/A6jzGnoti:TGRyEcSd3m8wPo5/0no5d7YAOTVv
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\SOC SIEM USE CASES.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b9f2910feee30f2ee930c0eb581c3f0a
SHA198f330c85cab37214097f5f47b1c9e65b9e71fc0
SHA2565e2cd5ff7ba1a8d8f09b0a1314ccb83327fc4adb7819a323366d411bf5f893cc
SHA51262ae108fe65d1e32fa1e40ce9b6b43f6250fcd8a9d0c708a44d049140a81a016307211fa55ad241fca3a4f619198e43efde31af9d5df57439cbda1a856bf0c15