Analysis
max time kernel: 119s
max time network: 121s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 29/09/2024, 03:47
Behavioral task: behavioral1
Sample: e1dd9b2f4731c85edf8c63926f189a5b375b392e1938f79eefb43a198efed13c.pdf
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: e1dd9b2f4731c85edf8c63926f189a5b375b392e1938f79eefb43a198efed13c.pdf
Resource: win10v2004-20240802-en
General
Target: e1dd9b2f4731c85edf8c63926f189a5b375b392e1938f79eefb43a198efed13c.pdf
Size: 441KB
MD5: 2d78b851b15d8805ef0425dd5b214a91
SHA1: 6fd0fc519f332ea385a1397cb312341f3cb071c5
SHA256: e1dd9b2f4731c85edf8c63926f189a5b375b392e1938f79eefb43a198efed13c
SHA512: 3c6e15428472208ae79c3aad235919d0ed017bead3ffef43f10b6866ef4a3e34a27a78bbcdb2ee094d5220335df01accb82915196e2075118fe66d5668746dd3
SSDEEP: 6144:iPbbdPAzziA62XyhiBqLZDmR5B1JzBVU/fpPB5mhP0OpQgcCzl3D51DqrQP2xR7u:izx2zN62XcmR5bJtO3/bgc03zSIkRyI4
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim host in order to infer that host's geographical location.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 1652  Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid: 1652  Process: AcroRd32.exe
pid: 1652  Process: AcroRd32.exe
pid: 1652  Process: AcroRd32.exe
pid: 1652  Process: AcroRd32.exe
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e1dd9b2f4731c85edf8c63926f189a5b375b392e1938f79eefb43a198efed13c.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1652
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 17d050076a1cce6bd58a04221f92b0ca
SHA1: 17c0c5a9cf77843d8e0774589948c06599fcccd3
SHA256: a0d303a9e1add06011ffd3c2c2d242e543cb40042413ab44cfec42b480a38e7f
SHA512: 955fb822801883deb5981f4f2820ad60019a652cbe037dbd716d1c54f276f67093dba52fb37db03939d910391cc5fbad8487f4814d55247d5c53315ed370e17f