Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 30/09/2024, 00:02
Behavioral task
behavioral1
Sample
83cdba5a999c68a3c8d6384b7977e84bc466e0a8e19f3bb556ede6f6911b64a8N.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
83cdba5a999c68a3c8d6384b7977e84bc466e0a8e19f3bb556ede6f6911b64a8N.pdf
Resource
win10v2004-20240802-en
General
Target: 83cdba5a999c68a3c8d6384b7977e84bc466e0a8e19f3bb556ede6f6911b64a8N.pdf
Size: 75KB
MD5: ef08e88773b431dbc0180b4dc6dc8190
SHA1: ac5ca859d0a21439d5a7c40a1bf5e07ad7be1d07
SHA256: 83cdba5a999c68a3c8d6384b7977e84bc466e0a8e19f3bb556ede6f6911b64a8
SHA512: d5b3a88f23b408826f9d883cf4736a39799647211912967bce068700b803accbcbd50058387e5ae6e768b8e2e5310800d7a6c6c0537b1342019a21da61385a68
SSDEEP: 1536:SdqGVLo8t4ROtfLm9TnOXCgDF2222WFSaMCCBwWigj:SdqGVktAtyOyusFSFNa1gj
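Added example, not part of the sandbox report or of any vendor tooling: a small Python triage helper that recomputes the hash set listed above and checks it against the file-name convention visible on this page, where the target name is the SHA-256 followed by "N.pdf". The sample bytes are not on the page, so the hashing path is exercised on a constructed byte string labelled as such; the PAGE_REPORT dictionary copies the page's own values, and the function names are assumptions of this example.

```python
"""Triage helper added to this page (not the sandbox's own code).

Checks that a sample's listed hashes are self-consistent:
  1. the target file name embeds the same SHA-256 as the SHA256 field
     (this page names the sample '<sha256>N.pdf');
  2. when the sample bytes are at hand, every listed digest matches a
     recomputed one.
"""
import hashlib
import re

# Hash fields the report's General section lists, in the same order.
HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")

# File-name convention seen on this page: 64 hex chars, optional 'N', '.pdf'.
_NAME_RE = re.compile(r"^([0-9a-fA-F]{64})N?\.pdf$")


def compute_hashes(data: bytes) -> dict:
    """Return {algorithm: hex digest} for every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def sha256_from_name(filename: str):
    """SHA-256 embedded in a '<sha256>[N].pdf' name, or None if absent."""
    match = _NAME_RE.match(filename)
    return match.group(1).lower() if match else None


def report_consistent(report: dict, data: bytes = None) -> list:
    """Return a list of mismatches; an empty list means the report is consistent.

    report: {"target": name, "md5": ..., "sha1": ..., "sha256": ..., "sha512": ...}
    data:   sample bytes if available; with None only the name/field check runs.
    """
    problems = []
    embedded = sha256_from_name(report["target"])
    if embedded is None:
        problems.append("target name does not embed a SHA-256")
    elif embedded != report["sha256"].lower():
        problems.append("SHA-256 in target name differs from the SHA256 field")
    if data is not None:
        for algo, digest in compute_hashes(data).items():
            if digest != report[algo].lower():
                problems.append(f"{algo} field does not match the recomputed digest")
    return problems


# Values copied from the General section of this report.
PAGE_REPORT = {
    "target": "83cdba5a999c68a3c8d6384b7977e84bc466e0a8e19f3bb556ede6f6911b64a8N.pdf",
    "md5": "ef08e88773b431dbc0180b4dc6dc8190",
    "sha1": "ac5ca859d0a21439d5a7c40a1bf5e07ad7be1d07",
    "sha256": "83cdba5a999c68a3c8d6384b7977e84bc466e0a8e19f3bb556ede6f6911b64a8",
    "sha512": "d5b3a88f23b408826f9d883cf4736a39799647211912967bce068700b803accbcbd50058387e5ae6e768b8e2e5310800d7a6c6c0537b1342019a21da61385a68",
}

# Constructed stand-in for sample bytes (the real PDF is not on the page).
SAMPLE_BYTES = b"%PDF-1.4\n1 0 obj << /Type /Catalog >> endobj\n%%EOF\n"


def demo():
    """Build a report from the constructed bytes, then tamper with the bytes.

    Returns (problems_for_intact_bytes, problems_for_tampered_bytes)."""
    digests = compute_hashes(SAMPLE_BYTES)
    report = dict(digests, target=digests["sha256"] + "N.pdf")
    tampered = SAMPLE_BYTES[:-1] + b"\x00"  # single-byte change
    return report_consistent(report, SAMPLE_BYTES), report_consistent(report, tampered)


if __name__ == "__main__":
    print("page report name/field check:", report_consistent(PAGE_REPORT) or "consistent")
    intact, tampered = demo()
    print("constructed sample, intact:", intact or "consistent")
    print("constructed sample, tampered:", tampered)
```

With only the page's values available, `report_consistent(PAGE_REPORT)` can verify just the name/field relation; once the file is pulled from the sandbox, passing its bytes exercises all four digests, and a single-byte change in the input flips every one of them, which is the point of recording more than one hash.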
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim host in order to infer its geographical location. Caveat: the NLS\Language key is also read by many legitimate applications during locale initialisation, so this single hit from AcroRd32.exe is not, on its own, evidence of malicious intent.
Description: Key opened | IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
PID 848, AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
PID 848, AcroRd32.exe (4 hits). Both behaviours are common in interactive GUI applications such as a PDF reader; all three signatures fire on the same reader process, and no child process is listed.
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\83cdba5a999c68a3c8d6384b7977e84bc466e0a8e19f3bb556ede6f6911b64a8N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 848
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 514bdef31619086e517692b6ab0c969b
SHA1: 09aebb563e5d4476bd4ab9f77f293ad8b8506bd7
SHA256: f83db24ddb645dd6e57b0eb586b1a2deddd2da2ab3db6515399ef726ef6ea41e
SHA512: 085a132662064594de0de53c7cb3b099602ef149f38d7e185a6ec9d5ecd8cc66264d1813ee149315e16579335e4f4d21c990eebc5f428cdb7d80e69a8a44e172