Analysis
-
max time kernel
94s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
11-09-2024 23:08
General
-
Target
aa4656d7a8100307f6e20865e142df60N.pdf
-
Size
70KB
-
MD5
aa4656d7a8100307f6e20865e142df60
-
SHA1
68a9e953a471311a993e3d0cc240172098f7373c
-
SHA256
d11e1814ee5c14baf9c3f4631941862e86ba9ed093a9c794fa3e8a6e57760dbe
-
SHA512
9647ef383e5aeed43c016ed9d9a408ec1cccd6184e8f04a53c1bcfa2e307d1c032182d12c7f035251b99eaef652721d80b85ae96b853c60ecffaa3d3c369d925
-
SSDEEP
1536:8GFIHlQd1/ROB+f3v65Y3waTb+Njj/VVhkqUft9:ZFIH2nRUAvq6iNjj/VVhGL
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\aa4656d7a8100307f6e20865e142df60N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5d58610575ca78172d982400a8e1004a9
SHA1f5209d42cd2aa8238b7851edea8440e93971b517
SHA2564a3107cb5e130e6a758156da02693d1aaa24d9d0980dd4d01001549b63508350
SHA51264083c8f4eede65b463bff683d5a2ee52830a625e56f6049eb4b48cfd8aeb96d43fbd127d6df64a6ac4a1962462aa9537f00c11423d6a310e39e2738fb6104b5