Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
21-09-2024 05:13
General
-
Target
CopyofTemplateGovUnit1Vocab.pdf
-
Size
485KB
-
MD5
c618ef1d4d466664f51a613133fe9842
-
SHA1
961191d2427e0b3cd3587143976bc5b3f9606109
-
SHA256
34e6779ffd5bc3eec0692d62cf2004604a56941074ed0cfad3883c3ee6b55ced
-
SHA512
294a35f0558f9a8d73bb0edc958a15e87819d976d5d8bd9dcb6296d79b975538f2fcddc356ba748853df7e92851bd1e5faa52f0ef5f49c29365089a30e102c64
-
SSDEEP
12288:oriwFmrX6Zk14nAtX5B4fGfgTBfQBrdqEQR3mi9:KbFrkTV5B4fGhI93mi9
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\CopyofTemplateGovUnit1Vocab.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e5ed94af424a360fa9b7c6b61a6f588c
SHA11184da4343405b9ae6f04001f538872e9947daf3
SHA25669fa71533d3b1bdae237fd00cbd1e01ba959e74f862c6c30f585dc057a19536e
SHA512a28f81c457b761433e4a5070c7b7ea8c8b7b4d529a1265a24f55d13e94c05d1fed507ce95c847abdaa73e9af1a1e8793b04958b238e41385172b72191eeac186