Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 20-09-2024 22:40
Behavioral task: behavioral1
Sample: c79d13feaad26e4f3b6da399ac41e9a0ed4f29fbbfa7dd248d25e749ea91dde6.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: c79d13feaad26e4f3b6da399ac41e9a0ed4f29fbbfa7dd248d25e749ea91dde6.pdf
Resource: win10v2004-20240910-en
General
Target: c79d13feaad26e4f3b6da399ac41e9a0ed4f29fbbfa7dd248d25e749ea91dde6.pdf
Size: 154KB
MD5: d0796ab6dc3b3cc56e88ef4b68b6f14e
SHA1: b8fc012ec9ca0b71b78a68feee4b33e7cc2326bb
SHA256: c79d13feaad26e4f3b6da399ac41e9a0ed4f29fbbfa7dd248d25e749ea91dde6
SHA512: af53e17596717bdfdaeea977a2bfaf81ddb9eb5794c1d0f9e92edd9de88abb178d22fedd2b281d8283d9b3798b9c67a0df800e91a0f61dabc409577e1487bfde
SSDEEP: 3072:TqD7d6jj9p/u3aeploy3ZWCAhJxgNdxKlT:TSkn/Qznoy3ZWCUq6V
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2788 | process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2788 | process: AcroRd32.exe (reported three times)
All three hits come from the single AcroRd32.exe process (PID 2788) that opened the sample; the Processes section below lists no child process, so every signature here is attributed to the reader itself.
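As an added example, not code from the sandbox or its signature engine, the following Python re-implements the logic of the three signatures above and runs it over a constructed list of API/registry events shaped like the IoCs in this report. The event tuple layout, the API names matched (NtOpenKey/RegOpenKeyEx, SetWindowsHookEx*, GetForegroundWindow) and the 50-call threshold for "spam" are assumptions; the report does not state how the sandbox defines them. The ATT&CK mapping T1614.001 (System Language Discovery) is the standard one for this technique.

```python
"""Re-implementation (not the sandbox's own code) of the three behavioural
signatures in the report, evaluated over a constructed event list."""
import re
from collections import Counter

# Constructed sample events in the shape (pid, process, api, detail).
# They are made up to mirror the report: one NLS\Language key open, three
# SetWindowsHookEx calls and a burst of GetForegroundWindow calls, all from
# the reader process that opened the PDF, plus an unrelated second process.
SAMPLE_EVENTS = (
    [(2788, "AcroRd32.exe", "NtOpenKey",
      r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language")]
    + [(2788, "AcroRd32.exe", "SetWindowsHookExW", "hook")] * 3
    + [(2788, "AcroRd32.exe", "GetForegroundWindow", "")] * 120
    + [(1234, "explorer.exe", "GetForegroundWindow", "")] * 5   # below threshold
    + [(1234, "explorer.exe", "NtOpenKey",
       r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run")]
)

SIG_LANGUAGE = "System Location Discovery: System Language Discovery"  # T1614.001
SIG_FOREGROUND = "Suspicious behavior: GetForegroundWindowSpam"
SIG_HOOK = "Suspicious use of SetWindowsHookEx"

# Match on the tail of the registry path so the rule is independent of the
# ControlSet number (ControlSet001 vs CurrentControlSet).
LANGUAGE_KEY_RE = re.compile(r"\\Control\\NLS\\Language$", re.IGNORECASE)
REG_OPEN_APIS = {"NtOpenKey", "RegOpenKeyExW", "RegOpenKeyExA"}

# Assumed threshold: the report does not say how many GetForegroundWindow
# calls count as "spam"; 50 per process is a placeholder for this example.
SPAM_THRESHOLD = 50


def match_signatures(events, spam_threshold=SPAM_THRESHOLD):
    """Return {signature name: [ioc dict, ...]} for the given events."""
    iocs = {SIG_LANGUAGE: [], SIG_FOREGROUND: [], SIG_HOOK: []}
    foreground_calls = Counter()
    seen_language_keys = set()

    for pid, proc, api, detail in events:
        if api in REG_OPEN_APIS and LANGUAGE_KEY_RE.search(detail):
            # One IoC per distinct (process, key) pair, as the report lists one.
            key = (proc, detail.lower())
            if key not in seen_language_keys:
                seen_language_keys.add(key)
                iocs[SIG_LANGUAGE].append(
                    {"description": "Key opened", "ioc": detail,
                     "pid": pid, "process": proc})
        elif api.startswith("SetWindowsHookEx"):
            # Every hook installation is reported individually (three IoCs above).
            iocs[SIG_HOOK].append({"pid": pid, "process": proc})
        elif api == "GetForegroundWindow":
            foreground_calls[(pid, proc)] += 1

    # GetForegroundWindowSpam: one IoC per process over the threshold.
    for (pid, proc), n in foreground_calls.items():
        if n >= spam_threshold:
            iocs[SIG_FOREGROUND].append({"pid": pid, "process": proc, "calls": n})
    return iocs


def pids_with_hits(iocs):
    """PIDs that triggered any signature; lets an analyst check whether all
    hits come from the launched reader or from a spawned child process."""
    return {hit["pid"] for hits in iocs.values() for hit in hits}


if __name__ == "__main__":
    result = match_signatures(SAMPLE_EVENTS)
    for name, hits in result.items():
        print(f"{name} ({len(hits)} IoCs)")
        for hit in hits:
            print("   ", hit)
    print("PIDs with hits:", pids_with_hits(result))
```

Run stand-alone it reproduces the three signature counts from the report (1, 1 and 3) with every hit on PID 2788, and the explorer.exe events produce nothing because the key is not a language key and the call count stays under the threshold.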
Processes
1. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
   command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c79d13feaad26e4f3b6da399ac41e9a0ed4f29fbbfa7dd248d25e749ea91dde6.pdf"
   PID: 2788
   - System Location Discovery: System Language Discovery
   - Suspicious behavior: GetForegroundWindowSpam
   - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 88e13658361e6591bad4ff6ae9910a45
SHA1: 8b3baa58146abaf203e3daa61ac4a2c2c910995a
SHA256: fbf367bdd42f557ce4083e89c0274d47ab692dd537ad84f1035d80c398082c7e
SHA512: 33be1d2fc142f0305b1557b427443d7ff6fabc21ec3c6cb436b214db34c32ab611cabb3b1f6c0aae074dc5a25e0478109f7d2298b6037dd2c9642f5011e7ab71