Analysis
- max time kernel: 90s
- max time network: 16s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 03-10-2024 12:16
Behavioral task: behavioral1
- Sample: 3cf3ab1c984efddf41217d13496ba718ec445e98b708f9901592e134d33c2adbN.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 3cf3ab1c984efddf41217d13496ba718ec445e98b708f9901592e134d33c2adbN.pdf
- Resource: win10v2004-20240802-en
General
- Target: 3cf3ab1c984efddf41217d13496ba718ec445e98b708f9901592e134d33c2adbN.pdf
- Size: 23KB
- MD5: f4fdd77416bd47a77f76735c0c6df1b0
- SHA1: 18ea3758fbc75351c4450b4f9407244014ebd496
- SHA256: 3cf3ab1c984efddf41217d13496ba718ec445e98b708f9901592e134d33c2adb
- SHA512: 632a87e2da0779e9b909989c7399d5bbf073ff2ce804ef1c483583be5a9d90527fa98051791348339f4e1ecfad2fe69a0f3f657d5d9e14a2ba87ee8a013d85a6
- SSDEEP: 384:6Y/aKtAD8GWcfkEIe7hKUNeA/5YSgCXXufmeDeCUSKGUQlMPhkJzgCHC2eidCUS4:78JWcJr5YxuXRtJeMJkNgMBj5qPpQ
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  IoC: Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language (process: AcroRd32.exe)
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  PID 2492, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  PID 2492, process AcroRd32.exe (4 occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3cf3ab1c984efddf41217d13496ba718ec445e98b708f9901592e134d33c2adbN.pdf"
  PID: 2492
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 32e4bd5aec1cedd8a23a1782b157ca5f
  SHA1: 91e58b72b6487882da3022d06e3314939adcf694
  SHA256: 8a18d69d00c7851b7a14602bcb0fb3b2a8bfc155fb0ca9a6b35d98aaa21af922
  SHA512: 84e49952497d5bc1aede5a05f1acb0617a90f670cac2efd149be160fc0da816752906d0c0dc696889054ada98ab5933cb815c2598e5ab006ce4a7972a32be654