Analysis

max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 30/09/2024, 00:48
Behavioral task: behavioral1
Sample: 1b1c62cbf1da94288cf9c21224f0ac781da42f01b78bb2c14e9a3e46f0909972N.pdf
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 1b1c62cbf1da94288cf9c21224f0ac781da42f01b78bb2c14e9a3e46f0909972N.pdf
Resource: win10v2004-20240802-en
General

Target: 1b1c62cbf1da94288cf9c21224f0ac781da42f01b78bb2c14e9a3e46f0909972N.pdf
Size: 310KB
MD5: f443be2b4e61f66105291ee2168213d0
SHA1: 13686524520b7e7c5a9a36833ea4bc0487276381
SHA256: 1b1c62cbf1da94288cf9c21224f0ac781da42f01b78bb2c14e9a3e46f0909972
SHA512: fb988009d1f146c6e4f96e5e556cf89bd47423a836100e41fe021c9505172156f713b450d2f2bb7bf41e2a3902b9a801cce3410da9a2049574bf7d55e644f869
SSDEEP: 6144:f3VRAJLub4SLahogGe5LDNsaSQDQ1uWd5ksgqKRxiJbFy89NgYlzfNPACcor5dRA:f3VRAk4+aXhpsXQ81uWdGtqKmJA89TlO
Malware Config

Signatures

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description   ioc                                                          Process
Key opened    \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language  AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
3004  AcroRd32.exe

Suspicious use of SetWindowsHookEx (4 IoCs)
pid   Process
3004  AcroRd32.exe
3004  AcroRd32.exe
3004  AcroRd32.exe
3004  AcroRd32.exe
Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1b1c62cbf1da94288cf9c21224f0ac781da42f01b78bb2c14e9a3e46f0909972N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 3004
Network
MITRE ATT&CK Enterprise v15
Downloads

Filesize: 3KB
MD5: 8c32b25ccd77396383e1ccfbd35cd7ce
SHA1: 252b06f9c1f6b47df2fd4ae1201474daae71e0f6
SHA256: 16fbfa3b77322ac1455790d90baac26778e22afeff3ccfa6959a7683a97ea354
SHA512: 3a65ff210ac8cdab434e398117f1da2b08bc48da4df742c1071135300615611a9150f66cd8193e9b5add3f87e7d02abd556d7b075d9508287f373c1263f3e52d