Analysis

  • max time kernel
    122s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2024, 13:16 UTC

General

  • Target

    Invoice INV-0004.pdf

  • Size

    50KB

  • MD5

    dde09500a00b0972ca35574f7a170d61

  • SHA1

    83ab678da6f92c7fad17edac2b2c4b0678e564f2

  • SHA256

    1577581f0f080fe7f3f159f1366a44bb44516421d830a2c9a7659f0b7898b4ec

  • SHA512

    2819f361d38a256fd5d875561e478e7c131822f797a1d9cdda69c38500070143ffe6c1636838a69382aa55aa5090d474fb2d9c37a45fba218de5e978dc21ec96

  • SSDEEP

    768:8CJdKwxCDdhU9e4E/AB6rFkoOd80VfDk5LK4gMfnRCIYn20yZ2jF83haYiU/LkHF:g5JhU8IkFUWG4gMzO20Tq8YiUzkHYq06

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Invoice INV-0004.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2492

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    ff18c4d48765db24154ec02b0ecedac0

    SHA1

    74bb7702f4dab11df32ac77c6656c15267f7b069

    SHA256

    fccb68a3d99277233ccf5ae166d8031404870441bfaa1b995d874a1c4dbc0ac0

    SHA512

    ea8c3a2b272e2373fe9f0cdc100edcfdd68e1c8658ec983417bab51ff34c172706ab05ed61aa61f6640ee18f37545875d075317668976e85b8229a12520e3aa8

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.