Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 28/09/2024, 23:25
Static task: static1
Behavioral task: behavioral1
- Sample: 79790d93ec5886827dc71808dc4ebcc2463fc640fd0ff91e418d0c8ea488887f.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 79790d93ec5886827dc71808dc4ebcc2463fc640fd0ff91e418d0c8ea488887f.pdf
- Resource: win10v2004-20240802-en
General
- Target: 79790d93ec5886827dc71808dc4ebcc2463fc640fd0ff91e418d0c8ea488887f.pdf
- Size: 320KB
- MD5: 62c8bc00dfa2123ba60e74e2681e3c2b
- SHA1: 0889c8519ed06321f6dbfe466aa7575f588fd748
- SHA256: 79790d93ec5886827dc71808dc4ebcc2463fc640fd0ff91e418d0c8ea488887f
- SHA512: ceadb2e04014485c4bec213a9d00e5223a745b90cdbc162fd10367727b6f14840cd50693d2671585ec1ef40a822dd1999e403a0617ef9e3d9f06004a83bcb0ba
- SSDEEP: 6144:LxlK6EF90kShDp2PDW5yg4W/z47TneXpwahZzrpTxGyWqv:n+r0jgqGW/c7Tn+ThptJ
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  IoC: key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language (process: AcroRd32.exe)
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  PID 2192, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID 2192, process AcroRd32.exe (three occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\79790d93ec5886827dc71808dc4ebcc2463fc640fd0ff91e418d0c8ea488887f.pdf"
  PID: 2192
  Signatures:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: e21bc231449ced31e7bd26a8a2124c00
  SHA1: 93eb0f2921b203461fb7cd916960e77454abfd4c
  SHA256: 63ee921283c15a75705a28d5a258011544c1c65158b3467d682a58e82050ec99
  SHA512: b180adb1090738e3e44b593bab37fc85cd1978801b186e6ed5d8c11445b864e3f4cf27e0f9787f3a351e926d87a843b8d05f8b7af53d61abe0747b196a9a1728