Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
21/09/2024, 07:00
General
-
Target
803e5a0f0fecbf467e5050474d49635244d83675f37c9fe8e0d2552378723b0cN.pdf
-
Size
77KB
-
MD5
1e27366b2cc104bcf1738b74f21a5e10
-
SHA1
96085977dcc4f22eb4ed985668bd7e358a2075af
-
SHA256
803e5a0f0fecbf467e5050474d49635244d83675f37c9fe8e0d2552378723b0c
-
SHA512
e16883325e8b0524fe212ec260484bc1c97f67fabc4fd090c4466d91843069bcc1d17bd71b85420b44dc0d8d462210800b070f0b8b57fed91d563282c3f1bf03
-
SSDEEP
1536:ZdqGVLo8t4ROtfLm9TnOXCgDF2222WITxsIiXxJ:ZdqGVktAtyOyusIlsfxJ
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\803e5a0f0fecbf467e5050474d49635244d83675f37c9fe8e0d2552378723b0cN.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b42373d343099bfa4af515e9e823ade4
SHA13b295c1b647af8f101378b96bfdfa973abe8b4c8
SHA256f47d135aae1a977a03e0b0b03439e81501dd1e32ed31d0db60f9407ce7cb27db
SHA512369135ef8c451ebe2484e1649483a1dbeac482bd36f0eba03462dfe29183bedb3d38569e261c37de9fd27006dc39c0c70eea1d47eed90bd9e7b8c02654faef32