Analysis
max time kernel: 90s
max time network: 16s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 01/10/2024, 13:06
Behavioral task: behavioral1
Sample: 872e04f33e7c42f07551aeecce3bbd24300ea3da95f1b22c996cdceb0eba5a61N.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 872e04f33e7c42f07551aeecce3bbd24300ea3da95f1b22c996cdceb0eba5a61N.pdf
Resource: win10v2004-20240802-en
General
Target: 872e04f33e7c42f07551aeecce3bbd24300ea3da95f1b22c996cdceb0eba5a61N.pdf
Size: 136KB
MD5: 7748d286e4be92136d8cfaa5668c02d0
SHA1: 72f5ab9a0cbbbd5fef298dcb4250e3d7fce65f21
SHA256: 872e04f33e7c42f07551aeecce3bbd24300ea3da95f1b22c996cdceb0eba5a61
SHA512: fc7eece19b520e7a24e8bcd93754fd96d3bc2a20300ed71aa7a847b6fa9d1d4af70a9c4c8bd85c3c50e1483429b06c15e51e78ff88fd45c09967a42d542640b4
SSDEEP: 3072:xv/SkR2ou+34bABW76WDl/W/DydVYODcXIMIvKs9Ya:pKe34bYWWTspQXVY
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description   ioc                                                           Process
Key opened    \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language   AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid    Process
2432   AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid    Process
2432   AcroRd32.exe
2432   AcroRd32.exe
2432   AcroRd32.exe
2432   AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\872e04f33e7c42f07551aeecce3bbd24300ea3da95f1b22c996cdceb0eba5a61N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2432
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 6cb48480f2db2634dbbcb5e4b333cd54
SHA1: 511f5ea794acb35011d4f87c5261203e2982a4f8
SHA256: 9e83db4e2129ac963160ac4b98195292c0ffa18103195722c188db4c8be82b92
SHA512: 85b0309cf79c5300d523d06540c84c48e456ebe62d636cc8ef930c69c2a961515bd7410552be747d40780c7c8b6a6774fd6006cb3f862dd7194a0125acc8c17d