Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
19-09-2024 05:27
General
-
Target
b5864b88f3f3f93ea9f4b8f446fa148025640b658a589dc90a369ed91939ed12N.pdf
-
Size
59KB
-
MD5
0722a9add08e7e02ff49339ceb811380
-
SHA1
73179c82cd0a7a0db5f57821b2f0ddf453c73f1f
-
SHA256
b5864b88f3f3f93ea9f4b8f446fa148025640b658a589dc90a369ed91939ed12
-
SHA512
bf3d39ee6f75405d47db143b9be4c87402e4c4183771562758cd6deb2ab1bd23b855631bc7079104b9778417070b1cd5f4178b27a9422113eae82895124a0fd2
-
SSDEEP
768:buzdNIggou41dMV+foYlP13IYgQZG6HKgwcZXnfOhcWLUgPQkqgcQXb9ERb:6zIW1dMV+foY5lggG6QSfOhcA4gccpEV
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b5864b88f3f3f93ea9f4b8f446fa148025640b658a589dc90a369ed91939ed12N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD58d9cdf843eb920ce64604a83eca65ee2
SHA1d89826ba90debf843e149397337fddeee50f4519
SHA25656122ab585976355309ab2d3bab2bba0d5abe9ff05076f8166d4698c16e172ee
SHA512e87e2fb1260453852f3521a09fa49e43436af6256b0acd55025c6f467601640a7cde72f6629e93566c4af8094ff9031b58b94efd9be7c1bdb0b503006cce731a