Analysis
max time kernel: 94s
max time network: 16s
platform: windows7_x64
resource: win7-20240729-en
resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
submitted: 19/09/2024, 16:01
Static task: static1
Behavioral task: behavioral1
  Sample: b1c743045de8ee006fa2115dcb7cbcc9c2bb1b3f88e45a56393b96af1949e192N.pdf
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: b1c743045de8ee006fa2115dcb7cbcc9c2bb1b3f88e45a56393b96af1949e192N.pdf
  Resource: win10v2004-20240802-en
General
Target: b1c743045de8ee006fa2115dcb7cbcc9c2bb1b3f88e45a56393b96af1949e192N.pdf
Size: 4.5MB
MD5: 3fda5741da74ff75d72004d456aa25c0
SHA1: e06aa47b4c8b67c00bade0e26a958f39b750d705
SHA256: b1c743045de8ee006fa2115dcb7cbcc9c2bb1b3f88e45a56393b96af1949e192
SHA512: 5faabdedf5605829ebf6c16dbbc354f9dbe828f35b188a505a680bec4345e1e79eaec7a7d8b2bc0c4b44fbe3adec0df903bbaf246d21d18bb57b65c3eae49c8d
SSDEEP: 49152:NGvi7bxLfex1QCrtP8Kt8um+i/jq7oOyHq66TC2KEgZSXoxmAIbqsXvD5oNU24dH:4vgbxANiuPo2TCTsXoSqsf18EdKl8
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC; ATT&CK T1614.001)
  Attempts to gather information about the system language of the victim host in order to infer its geographical location.
  IoC: key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language by AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID 844, AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID 844, AcroRd32.exe (three hook installations)
All three signatures fired inside the AcroRd32.exe process (PID 844) that the sandbox itself launched to open the sample. Reading the NLS\Language key, polling the foreground window and installing window hooks are also ordinary behaviour for Adobe Reader, so on their own they are weak evidence that the PDF is malicious; the process tree below lists no child processes and the Network section of this report is empty.
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b1c743045de8ee006fa2115dcb7cbcc9c2bb1b3f88e45a56393b96af1949e192N.pdf"
  PID: 844
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
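Because the dynamic signatures above are the kind of thing Adobe Reader does for any document, a practitioner would normally pair this report with two quick local checks: confirm the file on disk matches the hashes listed under General, and statically triage the PDF for active-content names (/JavaScript, /JS, /OpenAction, /Launch and friends), including inside FlateDecode streams and behind #xx name escapes, which is where a grep for the plain keyword fails. The Python below is an added example written for this page; it is not sandbox output and not code from the sample. The PDF it builds is a constructed test input, not the sample from this report, and nothing here says what that sample contains.

```python
import hashlib
import re
import zlib

# PDF names that indicate active content or launch capability. Presence is not
# proof of malice (/OpenAction and /AcroForm are common in benign files), but
# /JavaScript, /JS and /Launch in a mailed attachment deserve a closer look.
ACTIVE_CONTENT_NAMES = (
    b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch",
    b"/EmbeddedFile", b"/RichMedia", b"/AcroForm", b"/XFA",
)
HIGH_RISK = {"/JavaScript", "/JS", "/Launch"}

_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
_STREAM = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)


def file_hashes(data: bytes) -> dict:
    """Hex digests in the same four algorithms the report lists under General."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def normalise_names(data: bytes) -> bytes:
    """Decode #xx escapes so an obfuscated /J#61vaScript becomes /JavaScript."""
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), data)


def inflate_streams(data: bytes) -> list:
    """Decompress every stream zlib can inflate (FlateDecode). Streams that fail
    are skipped: their raw bytes are already scanned as part of `data`."""
    inflated = []
    for m in _STREAM.finditer(data):
        try:
            inflated.append(zlib.decompress(m.group(1)))
        except zlib.error:
            pass
    return inflated


def count_names(chunk: bytes) -> dict:
    """Count each active-content name in one chunk. The lookahead stops /JS from
    matching the start of a longer name such as /JSX."""
    text = normalise_names(chunk)
    counts = {}
    for name in ACTIVE_CONTENT_NAMES:
        n = len(re.findall(re.escape(name) + rb"(?![A-Za-z0-9])", text))
        if n:
            counts[name.decode()] = n
    return counts


def triage_pdf(data: bytes) -> dict:
    """Scan the file and its inflated streams; return counts plus a risk flag."""
    streams = inflate_streams(data)
    keywords = {}
    for chunk in [data] + streams:
        for name, n in count_names(chunk).items():
            keywords[name] = keywords.get(name, 0) + n
    return {
        "inflated_streams": len(streams),
        "keywords": keywords,
        "high_risk": bool(HIGH_RISK.intersection(keywords)),
    }


def build_test_pdf() -> bytes:
    """Constructed test input (not the sample from this report): a minimal PDF
    whose catalog /OpenAction points at a JavaScript action that is hidden in a
    FlateDecode stream and spelled with a hex escape."""
    action = b"<< /S /J#61vaScript /JS (app.alert(1)) >>"
    body = zlib.compress(action)
    return (
        b"%PDF-1.7\n"
        b"1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj\n"
        b"2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj\n"
        b"3 0 obj << /Length " + str(len(body)).encode() + b" /Filter /FlateDecode >>\n"
        b"stream\n" + body + b"\nendstream\nendobj\n"
        b"trailer << /Root 1 0 R >>\n%%EOF\n"
    )


if __name__ == "__main__":
    pdf = build_test_pdf()
    print(file_hashes(pdf)["sha256"])
    print(triage_pdf(pdf))
```

To apply it to a real download, read the file in binary mode, compare `file_hashes(data)["sha256"]` with the SHA256 under General before doing anything else, then look at `triage_pdf(data)`. A plain keyword grep would miss the test PDF's JavaScript entirely: the name is both hex-escaped and inside a compressed stream. The scanner is deliberately simple (no object-stream or cross-reference parsing, no handling of other filters such as LZW or ASCIIHex), so treat an empty result as "nothing obvious", not as clean.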
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 0b7f0cf1b784cd934a9203987b8b9cfb
  SHA1: a095ac8a7f89da75a2fc4c89acd2f0438fa29dad
  SHA256: 0e567b2c90de119b2e98ec323d08b10cc90962ccf2ec719c7db524903245c1e6
  SHA512: 08c3a9cfbd1b536eedbcdda99d748f99facbbae60702f976626d7dbadcbf3718b6537197889e1763b2b7c1622b7f834312b8d6c14e939bc5bbf6c8a9bfea01d0