Analysis
-
max time kernel
96s -
max time network
20s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
09/09/2024, 18:08
General
-
Target
4d64c21c77e66e9c5c6424620ab52920N.pdf
-
Size
1.4MB
-
MD5
4d64c21c77e66e9c5c6424620ab52920
-
SHA1
8cbf817864b07221ad37ad4e1851838d71cfdeae
-
SHA256
fec0e5981f6c704e739119b24abaff99ca32d11907f61cb46d958474cef35163
-
SHA512
103cd16df35d1a18d2332d78024c50f40c1d37ef768ed90049616bdee822a46b192ba420902d0d2069db3bcc0771ea5ebebd5662e67ec447c2c307ec240cf523
-
SSDEEP
24576:hKSUjppTBuaX1XNqIN7r8SljDPvs7tae8gu5gXSf/WbB23fhKFh3S79:sjpuK7/h9DPvGLS3WbB23fhKfS79
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4d64c21c77e66e9c5c6424620ab52920N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e8722d891bb230e01218cfcc4e454ed2
SHA14d999c35d01e10970ea15c1702a1c3c0c767c4ab
SHA256aa7001d0821fb5dbc403d55359f037cea8aa949af4a419c24dba32d79c4a582c
SHA5120931390a0a98f7beb3717788f922bfdb551c1dac5d9c5a0d959e15e605ef3a9871a4ffed31476266df055478a421353007616a45fb803dcb4ca0106349dc0386