Analysis
-
max time kernel
96s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
12/09/2024, 13:30
Behavioral task
behavioral1
Sample
e5bc3d2d8c5e8457eef68ecad7894d20N.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e5bc3d2d8c5e8457eef68ecad7894d20N.pdf
Resource
win10v2004-20240802-en
General
-
Target
e5bc3d2d8c5e8457eef68ecad7894d20N.pdf
-
Size
73KB
-
MD5
e5bc3d2d8c5e8457eef68ecad7894d20
-
SHA1
071f27f38246bf02b5a07864e9d4e546ae075fe5
-
SHA256
d8b2ff1dfcce59563783a58115e2f4a3283a1a0b59619bc3dc7ae80c7c2785a8
-
SHA512
87ac5b0373a7f9a06bec223218a27f713adb96b6e84fc2244b2416ae605beb5bd165890b8fd2bf611914ce37d37ad3f3813b5e17b3a18a17b3339c1e83429f62
-
SSDEEP
1536:QdqGVLo8t4ROtfLm9TnOXCgDF2222WfpJKSiu5hV:QdqGVktAtyOyusfp0Sl5hV
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 2368  Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs
pid: 2368  Process: AcroRd32.exe (4 occurrences)
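The language-discovery signature above fires on a registry key that localised applications such as Adobe Reader commonly read when they start, so a single hit from AcroRd32.exe on a submitted PDF carries little weight by itself. As an added example (not part of the sandbox report or of any sandbox vendor's code), the Python below classifies registry events shaped like the report's IoC table against MITRE ATT&CK T1614.001 and rates the hit low when the reading process is a known document viewer and medium otherwise. The event records, the hypothetical process name update_helper.exe and the list of expected readers are constructed assumptions for illustration.

```python
"""Added triage helper, not part of the sandbox report: classify registry
key accesses against the report's "System Language Discovery" signature
(MITRE ATT&CK T1614.001) and rate how much weight each hit deserves.
The event records below are constructed to mirror the report's IoC table;
the process 'update_helper.exe' is hypothetical."""
from dataclasses import dataclass


@dataclass
class RegEvent:
    pid: int
    process: str
    operation: str  # e.g. "Key opened", "Key value queried"
    key: str        # NT-style registry path as the sandbox logs it


@dataclass
class Finding:
    technique: str
    pid: int
    process: str
    key: str
    confidence: str
    note: str


# Suffixes of registry paths that reveal the system or user language. The first
# matches the report's IoC (...\Control\NLS\Language under ControlSet001, and
# equally under its live alias CurrentControlSet); the second is the per-user
# locale key, added as an assumption of where else the same technique shows up.
LANGUAGE_KEY_SUFFIXES = (
    r"\CONTROL\NLS\LANGUAGE",
    r"\CONTROL PANEL\INTERNATIONAL",
)

# Host applications that localise their UI and therefore read these keys when
# opening any document (assumed list; AcroRd32.exe is the one in the report).
EXPECTED_READERS = {"acrord32.exe", "acrobat.exe", "winword.exe", "excel.exe", "wordpad.exe"}


def is_language_key(key: str) -> bool:
    """True if the registry path ends in one of the language/locale keys."""
    k = key.upper().rstrip("\\")
    return any(k.endswith(suffix) for suffix in LANGUAGE_KEY_SUFFIXES)


def classify_language_discovery(events):
    """Return one Finding per language-key access, with a confidence rating."""
    findings = []
    for ev in events:
        if not is_language_key(ev.key):
            continue
        if ev.process.lower() in EXPECTED_READERS:
            confidence = "low"
            note = "document viewer localising its UI; fires on any PDF open"
        else:
            confidence = "medium"
            note = "unexpected process reading locale keys; correlate with other behaviour"
        findings.append(Finding("T1614.001", ev.pid, ev.process, ev.key, confidence, note))
    return findings


# Constructed sample events: the first two mirror the report's AcroRd32.exe
# activity (pid 2368), the third is a hypothetical dropped binary for contrast.
SAMPLE_EVENTS = [
    RegEvent(2368, "AcroRd32.exe", "Key opened",
             r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
    RegEvent(2368, "AcroRd32.exe", "Key opened",
             r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0"),
    RegEvent(4120, "update_helper.exe", "Key value queried",
             r"\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\NLS\Language"),
]

if __name__ == "__main__":
    for f in classify_language_discovery(SAMPLE_EVENTS):
        print(f"{f.technique} pid={f.pid} {f.process} [{f.confidence}] {f.note}")
```

Run against the constructed events, the AcroRd32.exe hit is rated low and the hypothetical update_helper.exe hit medium; the point is that the signature is a correlation hint, not a verdict, and the process identity is what moves the needle.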
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e5bc3d2d8c5e8457eef68ecad7894d20N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2368
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
d333a8a845f828327baa51d76f4c9eb3
SHA1
1555170527d91d89b23b516e4e3b121fd85e6a8b
SHA256
5beb1b1f2fa9107ec1cb0b32b3e080add6798fe00572d74ec48ebcc9c760e364
SHA512
d4680820a6c4174b81c5ddf78acd6477241cee5ab33fe3c0e0b4832b731b9109721bbe7af21ed39123a631c9a58d0047ec88585167cf4655d43ad809da866e48