Analysis
max time kernel: 118s
max time network: 123s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 03-10-2024 09:11
Behavioral task: behavioral1
  Sample: 4bb83b488b7e8f2f5b1953812b830ea39a4c2b09509e2d8fbd58bece25950ad4N.pdf
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 4bb83b488b7e8f2f5b1953812b830ea39a4c2b09509e2d8fbd58bece25950ad4N.pdf
  Resource: win10v2004-20240802-en
General
Target: 4bb83b488b7e8f2f5b1953812b830ea39a4c2b09509e2d8fbd58bece25950ad4N.pdf
Size: 104KB
MD5: 647d0958b8c50c7cc10cf08ce7d9b0c0
SHA1: e28ab0d0c8a495312583fd89c93f8fac03e271cc
SHA256: 4bb83b488b7e8f2f5b1953812b830ea39a4c2b09509e2d8fbd58bece25950ad4
SHA512: f511bd07de16723540e4c5bf290ef4f433e56324eea7f4d283a6e1cdea38d4d1313c0bb38d107a41c2d2bdc34258599b0bdd45eb03cae16e4233980386ee89ab
SSDEEP: 1536:z4j/WAZVFyNprfzN9b/Yf1DYnYJKrdM06DzJeFiWcoGvVYEzDZJrTZO:bE4rfzNY9dJKrk/0YhvVHHXs
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 1980  Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
  pid: 1980  Process: AcroRd32.exe
  pid: 1980  Process: AcroRd32.exe
  pid: 1980  Process: AcroRd32.exe
  pid: 1980  Process: AcroRd32.exe
Processes
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4bb83b488b7e8f2f5b1953812b830ea39a4c2b09509e2d8fbd58bece25950ad4N.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
PID: 1980
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 33b62aaf97fa8db94d0503b064b95f3f
SHA1: 8641898dbf0788a2b796025bf06056ae069a122e
SHA256: eb561b492993afeb96fdc633dcf6e6798b50d09d40c6c372eb9b6f7ffd90a3b1
SHA512: 86253cbd08c1cc195383cd9fe9d53e021ecd721e8fb6eae3ee6e2222421604cac67f022fd6643a937da5f734f447f31c952220045c201ee83a31ccf00a4fedb1