Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
22-09-2024 15:30
General
-
Target
9287a286195f1e77e26f41b357f8b1de5c310f484240901a8d58156546a9d6faN.pdf
-
Size
141KB
-
MD5
bd6c882211e78d5d5e85d52d03da7980
-
SHA1
8e9dc1535d1362e8df2e17819bbebfc379b8d9b5
-
SHA256
9287a286195f1e77e26f41b357f8b1de5c310f484240901a8d58156546a9d6fa
-
SHA512
191e4f04286c4f364945a2e524ec7ae6a0bcfacce5897dabf386b59d268db54e70666f63c46fa056de4d13b4274a6b97a6ea013c07a29bf6d162f490fcab56f4
-
SSDEEP
3072:0tJ9LI6OFvleVXJRHPCgWBZ4rdJ3PUOd/d2INb1ZEdslRVDgG0ukT67evr1:0tJole9CtH4rdjjNBZfHv0uk8ep
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9287a286195f1e77e26f41b357f8b1de5c310f484240901a8d58156546a9d6faN.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD58b6dba2d59195e19ba9dda67dd9b4081
SHA1db80680f9aecb1499574cb2a86e996a68947c570
SHA2562399976c2549030824b81eadf03ec0260e3166f93a21cfb62fc0b5c2967d785b
SHA5129d1f504f77f0a7949012909e775e5cb8c861b2f2984fa4abca9598fa0cb162233a48a180b763a0b2ea54b0ad06afbcf859cca05a7f0de346990fae209ce84e19