Analysis
-
max time kernel
94s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
29/09/2024, 20:42
General
-
Target
8b548612b66f3b8eaf97f4ea6f74414d1dd418822f75efc73f2ed87c75a00693N.pdf
-
Size
876KB
-
MD5
b81bf446a815428ad192c5a249ad3750
-
SHA1
73584dfce7a754b6660237dee9d6fcf77488fddc
-
SHA256
8b548612b66f3b8eaf97f4ea6f74414d1dd418822f75efc73f2ed87c75a00693
-
SHA512
b1a27ea254c0c9e4a8c7c2aebf1fa2f92e9c38b961318931f6035e5a93fdba5243c35412f357b3a4324eb7a74d1d6926ce2c8fdd3b879c0ea6ec8e3eb51a986c
-
SSDEEP
24576:iE91GUyrTjw+URr5dK2jccJugFjiTNv5yPvNvz+b:19ByXjw+URrK2jccJuIjitY1y
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8b548612b66f3b8eaf97f4ea6f74414d1dd418822f75efc73f2ed87c75a00693N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD506adc71e087bcebfd5d2359c9cd59f88
SHA1e3cecbc64773986dda25e9a2553c326fb5111989
SHA256366e6a93fdae42c30d0a6084f10a2edca4a8588755884363716ad9b7f8432077
SHA512e701fdf1f45ce768e13a437a295b10973a15926d0cc1ddadd53293bb59e37358b0265b805ea72c275180f32ea3e2e756486dc52115bd95c2c71fb919e4fccb53