Analysis
max time kernel: 91s
max time network: 17s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 27-09-2024 13:48
Behavioral task: behavioral1
Sample: 683d4d4c8dd1c7a3a92d52b69df3f426fcbdbbf7b486c7d583d2f730f51f59e3N.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 683d4d4c8dd1c7a3a92d52b69df3f426fcbdbbf7b486c7d583d2f730f51f59e3N.pdf
Resource: win10v2004-20240802-en
General
Target: 683d4d4c8dd1c7a3a92d52b69df3f426fcbdbbf7b486c7d583d2f730f51f59e3N.pdf
Size: 735KB
MD5: 68636b10bc59ecd7d1c84a528a9dbe90
SHA1: fd3a7d1f3282a3cc051a67ef903393e7737c29ed
SHA256: 683d4d4c8dd1c7a3a92d52b69df3f426fcbdbbf7b486c7d583d2f730f51f59e3
SHA512: 9fa16129f274aa6077aeeae4367ddda2af5f1f33048138936d5a03b7039d42e7dbc849bb2b278f63df3fa27aa57d57215bee6096e8b33a5c217df3a4fd5cfb30
SSDEEP: 12288:uG7Fo5BkdSQFSfwQh2Rz/2KuAklCD6ld8Iihau9bGFBkvXeyMNlGRq9gtgUfBYqo:uG7mEDSftwd/2mYC+v8gIpqNN2NO
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2248; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid: 2248; Process: AcroRd32.exe (4 occurrences)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\683d4d4c8dd1c7a3a92d52b69df3f426fcbdbbf7b486c7d583d2f730f51f59e3N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2248
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 415f774934e3eb541593917f663b053d
SHA1: 5aeb0530e5dff26da15c5be0283e6b588a1f5f7d
SHA256: 0952e9aa67ee3158b6f4c8565340b586fe04005e2c04113b0c6d42d09925e350
SHA512: 711d3cc96592b70399f5d7f662b7672ebfd2b651444e1490caf7112a1b90ef78bd643970be4f8ffe3c52acdb630d9580cde8a2c3505ceabb3a5e470ca604beb1