Overview

overview

3

Static

static

1

9.24.24/Ba...24.pdf

windows7-x64

3

9.24.24/Ba...24.pdf

windows10-2004-x64

3

9.24.24/Bo...FT.pdf

windows7-x64

3

9.24.24/Bo...FT.pdf

windows10-2004-x64

3

9.24.24/La...24.xls

windows7-x64

3

9.24.24/La...24.xls

windows10-2004-x64

1

9.24.24/Me...24.xls

windows7-x64

3

9.24.24/Me...24.xls

windows10-2004-x64

1

9.24.24/P ...24.pdf

windows7-x64

3

9.24.24/P ...24.pdf

windows10-2004-x64

3

9.24.24/P ...24.pdf

windows7-x64

3

9.24.24/P ...24.pdf

windows10-2004-x64

3

9.24.24/PC...24.pdf

windows7-x64

3

9.24.24/PC...24.pdf

windows10-2004-x64

3

9.24.24/PC...ev.pdf

windows7-x64

3

9.24.24/PC...ev.pdf

windows10-2004-x64

3

9.24.24/PC...24.pdf

windows7-x64

3

9.24.24/PC...24.pdf

windows10-2004-x64

3

9.24.24/Pr...20.pdf

windows7-x64

3

9.24.24/Pr...20.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2024 18:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9.24.24/P & L August 2024.pdf

  • Size

    17KB

  • MD5

    b095541e07b02e02d858190d88fc0ee1

  • SHA1

    f4f87b9fc219475750919a76c6e589d214e29b37

  • SHA256

    2bb36eba53363b139cb3d43bb1d71f4c291a6ced893f152bddca74d5990fdaa7

  • SHA512

    64e9ea4783f13f46e8455fc1107bb730d187f61194226cebca570c5842c087b82770893ec16ccded0a98c652de425f1523726e31e2b1ba91280b3fe75df5e5d0

  • SSDEEP

    384:y4EMLrHOLnMj5FLrVSoPLz6N9NNIKsPDKN+XP45EsaSGbZn4gkjSMDMwb773f3E:yS2rMvLrVRTuHbDuDKN+/45cBnmSMW

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9.24.24\P & L August 2024.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1936

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    36d77c3410e9bb69722961bb8909fdb4

    SHA1

    be972904de1081c7f7797041614c0c2cc897153e

    SHA256

    f2a74da2bbe0a5ba3c1eb16ee543d4c3cad587d0b0dc41a9a3550eeed2beca5b

    SHA512

    3e179637131b909c13314ccf8352a8569ede9ab80ed41d1ae51089a0cbe6c427f6f94b1bd112241612cd426eaaa4151c90134dc2d958546afdcdfd4d2e4682a5

    Download Submit