Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
27/09/2024, 21:23
General
-
Target
3059e31f93fbfc9e0c5124105398e65ed26c3376718f463fe4f82aed9886e6f8N.pdf
-
Size
58KB
-
MD5
0e8a79a1fe28c24882c7a8ad1e11e550
-
SHA1
b6fe4bea0b5a9d8eae735f6c938f3cad6075cd49
-
SHA256
3059e31f93fbfc9e0c5124105398e65ed26c3376718f463fe4f82aed9886e6f8
-
SHA512
e4223f2c2f8603638eb49c002b4b981996c783255da97693264c0c5bc6b7ab645eadcbe8f61e156c05b02a4182746563ba68481c2edd72b523e8091abd21069a
-
SSDEEP
768:ouzdNIggou41dMV+foYlP13QpG0L9D+MlV3Unwozpu3bynRIOKYCj:zzIW1dMV+foY5D0LzlV3gwmpznSOPCj
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3059e31f93fbfc9e0c5124105398e65ed26c3376718f463fe4f82aed9886e6f8N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e05810d34ad03d9b42c491ccd504f648
SHA148ca083ada6ca392b57ba7ac2e247daa4fd76033
SHA2560614a2932fce526b2299b960ec9e949ba8dc9b6fb3db385630a86e26724f27e6
SHA51256deaa462e74bb2386fee33cd714a552851d4058748307fdc8c52b5083d7aac31f411b7f909f0f359a937022bfb1299f51fc988de2175d4be39806bf0988e025