Analysis
-
max time kernel
122s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
02/10/2024, 13:16
General
-
Target
Invoice INV-0004.pdf
-
Size
50KB
-
MD5
dde09500a00b0972ca35574f7a170d61
-
SHA1
83ab678da6f92c7fad17edac2b2c4b0678e564f2
-
SHA256
1577581f0f080fe7f3f159f1366a44bb44516421d830a2c9a7659f0b7898b4ec
-
SHA512
2819f361d38a256fd5d875561e478e7c131822f797a1d9cdda69c38500070143ffe6c1636838a69382aa55aa5090d474fb2d9c37a45fba218de5e978dc21ec96
-
SSDEEP
768:8CJdKwxCDdhU9e4E/AB6rFkoOd80VfDk5LK4gMfnRCIYn20yZ2jF83haYiU/LkHF:g5JhU8IkFUWG4gMzO20Tq8YiUzkHYq06
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Invoice INV-0004.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5ff18c4d48765db24154ec02b0ecedac0
SHA174bb7702f4dab11df32ac77c6656c15267f7b069
SHA256fccb68a3d99277233ccf5ae166d8031404870441bfaa1b995d874a1c4dbc0ac0
SHA512ea8c3a2b272e2373fe9f0cdc100edcfdd68e1c8658ec983417bab51ff34c172706ab05ed61aa61f6640ee18f37545875d075317668976e85b8229a12520e3aa8