Overview

overview

10

Static

static

4

d9f0268cba...5f.iso

windows7-x64

3

d9f0268cba...5f.iso

windows10-2004-x64

3

out.iso

windows7-x64

1

out.iso

windows10-2004-x64

1

PANDUAN_PE...AS.lnk

windows7-x64

10

PANDUAN_PE...AS.lnk

windows10-2004-x64

10

PANDUAN_PE...AS.pdf

windows7-x64

3

PANDUAN_PE...AS.pdf

windows10-2004-x64

3

PANDUAN_PE...AS.ps1

windows7-x64

10

PANDUAN_PE...AS.ps1

windows10-2004-x64

10

controller.exe

windows7-x64

10

controller.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07-09-2024 10:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PANDUAN_PENGGUNA_MyKHAS.pdf

  • Size

    378KB

  • MD5

    70588b0f7d0c41eaf361dec75814dee5

  • SHA1

    ed9a1f824a751ed45ab974c7c7d918edc1854be0

  • SHA256

    ccaab434da496d577632664aa7752dea2e66870b470fec7b44957425be4a6db3

  • SHA512

    eaeeb28e2eb182b85b1d9ddbeaddd95414d087360c3258053e1560d21e396e39b81a9f6dc77f31aee0415d58f1ea6a02f79e4faf04d81726c35ac9fcf4fd5048

  • SSDEEP

    6144:DlDpxoBOXnHBq4TkrZ/IUOF3pixCbkwrbw6Bi4eFZV7NkuM4dfgBhf6OXLKzZ:vxoBOXnHfTw/U3ExXsw6BS7Ni4taSO7O

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\PANDUAN_PENGGUNA_MyKHAS.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2088

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c1ca469c5e0b201f4eca8ac767c1d9b7

    SHA1

    6450ea0765a19ebac4f685176caecdc92d12580f

    SHA256

    299c783fc839a94c447b68af76e86b54565d4bba279577d857668b5fbf2e17d0

    SHA512

    f9cd34e8bd708088b8d3327618cb06d390c8eea8ac32e5f68ad07a27ad697f69e6af45f09ab8e47560f656f49439fbf516da7b4ef5047b33bc2dbed597fbc2a3

    Download Submit