Analysis
-
max time kernel
94s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
05/09/2024, 16:20
General
-
Target
f_000047.pdf
-
Size
1.6MB
-
MD5
c5cfe0f8a14776195e4ad6db50a2eeaf
-
SHA1
e82b014f29a81a2235bcff145c1c991125249e50
-
SHA256
2dc69c4be6831d56e450d8d29e0d3b58bebb0bf7f1ddfbd397f4d7c4a403c4f1
-
SHA512
6927aa9007150bc816e3338f36f3719ed0e2e2848e26812d7fed0fef528914020ddd29562e27b3d30586f4e6c98b5658750235e2bc32836089af36be411a1645
-
SSDEEP
24576:24j/IX02nM7mnHvHowIZY+Fxg2HANxM07Sd5W5EcmzJG4eLuFmd3CY+:kM7YKFxg3M6AgEblvLmd+
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f_000047.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50ec7dd5d0093d631e0b696a00ea7c979
SHA1f201fbafff0ec25af6f5a4fa8a74d7fcfb58440d
SHA2568309261b75169f65e876498b56c1f4ab6f7909592285311ed4f244df5a6177ed
SHA512e0df4386b9ace95e3edae3e43b656a1429e16b268f72c67ee30f8be1fa25a3f2b62455a8168aed25d9e5085c47f050cde60965cfc3248b9314372b50eba26b73