Analysis
-
max time kernel
94s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
05-09-2024 12:41
General
-
Target
a302384657232edcf5a95a474d4567b0N.pdf
-
Size
75KB
-
MD5
a302384657232edcf5a95a474d4567b0
-
SHA1
2a76cd3259a90ece14ad4537389b65303d8a3848
-
SHA256
ce5346bcfa9342adb5d6251ed4707bb9e50a63e8248916c150fd4c5370bbd3e1
-
SHA512
5010b052c8ee62f674ea36bf45138d4e9589be04a18cfa338f4907fcfd61a29153cb07e2dc0ccfa60f5478ee5c6bce219be03159153c555e69452d46afe725dd
-
SSDEEP
1536:MdqGVLo8t4ROtfLm9TnOXCgDF2222WDugFVLA:MdqGVktAtyOyusDVFVLA
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a302384657232edcf5a95a474d4567b0N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5063c2a987a6a596d052a89ae2e42edbb
SHA1c8c946ffd1aad08d015e141dc0db51f06b25b40b
SHA256948b42ca599a6e630420048b1c46e370b2bf0ae76fff22ed1e8e76cf54bbccc8
SHA512845a68c92ec2d56782d1bbb8b8ae69655d89a7b8dc486838470c77a441407d91089f521431f7709d3acd6e2350d3c04a96fba2ffc02c8acebb3f9466fdc6c89b