Analysis
max time kernel: 95s
max time network: 19s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 27-09-2024 12:10
Static task: static1
Behavioral task: behavioral1
Sample: 5e1a7b59734a013a9b35b48055447e4114ef49f2dd7b4b25c1cdec2991280cb1N.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 5e1a7b59734a013a9b35b48055447e4114ef49f2dd7b4b25c1cdec2991280cb1N.pdf
Resource: win10v2004-20240802-en
General
Target: 5e1a7b59734a013a9b35b48055447e4114ef49f2dd7b4b25c1cdec2991280cb1N.pdf
Size: 6KB
MD5: c72d72c40d43a0b20b1fb7badb4f5980
SHA1: 75638457435e38647d5a06ece75f6cb92e7d85df
SHA256: 5e1a7b59734a013a9b35b48055447e4114ef49f2dd7b4b25c1cdec2991280cb1
SHA512: 79508fcfb61f79d6135a8ecd033c7234986266c339c9c1d576ac4491082abe143069183aad7bef6ef93b9d726f7dc22e5d01d2c3b4c5657d93780fef72d9fbfb
SSDEEP: 192:ovOz0LxTqWUEkJpV9KDlKe4N9xOn/9RVbzrst4ZcsDhEh:ovOz0LN/EpV9Khh4Nin5PYt4ZcsDhEh
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2716; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2716; Process: AcroRd32.exe (3 occurrences)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5e1a7b59734a013a9b35b48055447e4114ef49f2dd7b4b25c1cdec2991280cb1N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2716
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: ecec06fe0d72791f64b34d21f1f7e4b2
SHA1: 6e8e34a07e4c7ee43f582d710636a9759c1f0991
SHA256: 0150672f4fb89caaed4957004c765c839944bff9c7763fb7a51a75d381cae84c
SHA512: b99c9f95c12e0bf62aef54f47608fabdd43c7b1f040fd851ef7f29950dc10783d92202042fffb7029752d9ef2ee91c0d22248ac93ca80e540fbf5b34fbaaccc3