Analysis

  • max time kernel
    90s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-10-2024 12:14

General

  • Target

    3479fac2e4cab300a50d02d4cba121af71e2c66e31e099996fe34d298e2c65aaN.pdf

  • Size

    603KB

  • MD5

    10764048be68ad698120a5e9999f49c0

  • SHA1

    4a540080844a5de1e297ffefb796f1e4d9cb7a85

  • SHA256

    3479fac2e4cab300a50d02d4cba121af71e2c66e31e099996fe34d298e2c65aa

  • SHA512

    d94f30a16b4a73a56f8315e210f94a61401052b54430946d5bdf9c07117f25c3297b2515af3272ebcc3fab45e8ba5705d5d3ebf3fe4636eefff479813490707e

  • SSDEEP

    12288:ygt9PAvv+le6cqAXnkWyTvz+29I3KqgyPtiagxakR6FbxnT/8CQx:xU9qUQ35RxNIfbK

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3479fac2e4cab300a50d02d4cba121af71e2c66e31e099996fe34d298e2c65aaN.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2440

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    f4694b2cff01fc3af438f73c00889b0a

    SHA1

    1db5954c6048d588a6266a16d9ef6217d247e417

    SHA256

    2ba55cfbf3ae29a3843048e610bf224e63c154584af951703e5b9caa1d76a309

    SHA512

    5c6ad511578a01432480ae0f01cab3a9b5ff9df1de353166acdb7995fd1b9a7cb40a4141c558127b996d742b54b8cae38aead0d127897d10deb7755e3cb46910