Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system -
submitted
09/09/2024, 19:40
Static task
static1
Behavioral task
behavioral1
Sample
PARENT LETTER.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
PARENT LETTER.pdf
Resource
win10v2004-20240802-en
General
-
Target
PARENT LETTER.pdf
-
Size
71KB
-
MD5
45dfe5a268dd11a71a61fba989b613c9
-
SHA1
eb003030c3ea6c81d506a3bff2b59e5d822d541a
-
SHA256
c431c118a64de1d3131276f50e34147a53c047907bdc6a313976aff580d9c5ec
-
SHA512
5169812b9223ed40c7d681b5dfd6d57ac5a86db9f381a621451b74ed8d3565efb54e0bdcd0fcd43f733db989f75724a55fdd4561902a92cb0cc7cf340c50a135
-
SSDEEP
1536:iNvMWEIxcxEzdr39dif7WTGSRx6hgGtAz/JR1YiU/DzIt9YGxWHCdOG:0V5xcShHijWySvy3AenDzMfxWHQ
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid | Process
3052 | AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
pid | Process
3052 | AcroRd32.exe
3052 | AcroRd32.exe
3052 | AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\PARENT LETTER.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3052
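All three signatures above fire in PID 3052, the AcroRd32.exe instance the sandbox launched to open the sample, and the process list shows nothing spawned beneath it. The following is an added example, not part of the sandbox report: it replays constructed event records of that shape through the same three checks (the NLS\Language key open behind System Language Discovery, repeated SetWindowsHookEx, a burst of GetForegroundWindow) and then asks the triage question the report leaves to the reader, whether the flagged behaviour is confined to the viewer process or to something it spawned. The event field names (type, pid, ppid, image, cmdline, key, api), the parent PID and the count thresholds are assumptions, not the sandbox's own format.

```python
"""Triage of behavioural sandbox signatures against the process tree.

Added example; the event records are constructed to mirror the report
(one AcroRd32.exe process, one NLS\\Language open, three SetWindowsHookEx
calls, a burst of GetForegroundWindow calls). Field names are assumptions.
"""
import re
from collections import defaultdict

# Key behind "System Location Discovery: System Language Discovery" (T1614.001).
# Sandboxes report either ControlSetNNN or CurrentControlSet, so accept both.
NLS_LANGUAGE_KEY = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(ControlSet\d{3}|CurrentControlSet)"
    r"\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

SAMPLE = "PARENT LETTER.pdf"
READER = r"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"

# Constructed events (assumed schema). ppid 1340 is an assumed sandbox launcher.
EVENTS = (
    [{"type": "process_start", "pid": 3052, "ppid": 1340, "image": READER,
      "cmdline": f'"{READER}" "C:\\Users\\Admin\\AppData\\Local\\Temp\\{SAMPLE}"'},
     {"type": "regkey_opened", "pid": 3052,
      "key": r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"}]
    + [{"type": "api_call", "pid": 3052, "api": "SetWindowsHookEx"} for _ in range(3)]
    + [{"type": "api_call", "pid": 3052, "api": "GetForegroundWindow"} for _ in range(50)]
)


def processes(events):
    """Map pid -> process_start record."""
    return {e["pid"]: e for e in events if e["type"] == "process_start"}


def system_language_discovery(events):
    """PIDs that opened the NLS\\Language key: the T1614.001 signature."""
    return sorted({e["pid"] for e in events
                   if e["type"] == "regkey_opened" and NLS_LANGUAGE_KEY.match(e["key"])})


def api_counts(events, api):
    """Per-PID count of calls to one API name."""
    counts = defaultdict(int)
    for e in events:
        if e["type"] == "api_call" and e["api"] == api:
            counts[e["pid"]] += 1
    return dict(counts)


def viewer_pid(events, sample):
    """The process the sandbox launched to open the sample: its command line names the file."""
    for pid, p in processes(events).items():
        if sample.lower() in p["cmdline"].lower():
            return pid
    return None


def descendants(events, root_pid):
    """All PIDs below root_pid in the parent/child tree, depth first."""
    procs = processes(events)
    found, frontier = [], [root_pid]
    while frontier:
        parent = frontier.pop()
        for pid, p in procs.items():
            if p["ppid"] == parent and pid not in found:
                found.append(pid)
                frontier.append(pid)
    return sorted(found)


def triage(events, sample, hook_threshold=3, foreground_threshold=20):
    """Apply the three signatures, then decide whether they stay inside the viewer.

    Thresholds are assumed; the report only states "3 IoCs" for SetWindowsHookEx
    and "spam" for GetForegroundWindow without a number.
    """
    viewer = viewer_pid(events, sample)
    children = descendants(events, viewer) if viewer is not None else []
    hooks = api_counts(events, "SetWindowsHookEx")
    foreground = api_counts(events, "GetForegroundWindow")
    signatures = {
        "system_language_discovery": system_language_discovery(events),
        "setwindowshookex": sorted(p for p, n in hooks.items() if n >= hook_threshold),
        "getforegroundwindow_spam": sorted(p for p, n in foreground.items()
                                           if n >= foreground_threshold),
    }
    flagged = set().union(*signatures.values())
    return {
        "viewer_pid": viewer,
        "spawned_children": children,
        "signatures": signatures,
        # Hits confined to the viewer with no child process are the viewer's own
        # behaviour (locale lookup, UI hooks), not evidence the document ran a payload.
        "viewer_only": bool(flagged) and flagged <= {viewer} and not children,
    }


if __name__ == "__main__":
    for key, value in triage(EVENTS, SAMPLE).items():
        print(f"{key}: {value}")
```

The check that matters is the last field: with every hit attributed to the viewer PID and no descendants, the report's signatures describe Adobe Reader opening a document, and the same three signatures would read very differently if a child process had appeared under PID 3052.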
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5 57abd481805a835b0a40cc7e662a17b0
SHA1 33c05de9c680e7a33e690ccd24e4784acff62103
SHA256 4b1e67588b9ef2f04b6efd0d804087ef3475f7034faa888884347d3a8fc4f72b
SHA512 5a2241bbdb606c303f9c308b055afaa9bb0300e7d9d73b1bf8bf2606cfc581206c8c8b21f4572d26e8dddbafbb3d7e8e900518acffb7df7469be38c9b53609d8