Analysis
-
max time kernel
91s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system -
submitted
04-10-2024 23:28
Behavioral task
behavioral1
Sample
178dd554d82b3dce82c0c4810b4fc681104227d6ef9316f92aeb04a1d3ce1f8cN.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
178dd554d82b3dce82c0c4810b4fc681104227d6ef9316f92aeb04a1d3ce1f8cN.pdf
Resource
win10v2004-20240802-en
General
-
Target
178dd554d82b3dce82c0c4810b4fc681104227d6ef9316f92aeb04a1d3ce1f8cN.pdf
-
Size
348KB
-
MD5
fd971fccde6cdcac3e08009519c8acc0
-
SHA1
233aee71cb1aa7fc103bcb6194aba1f3fc01e333
-
SHA256
178dd554d82b3dce82c0c4810b4fc681104227d6ef9316f92aeb04a1d3ce1f8c
-
SHA512
bff28a1e5be3404f2cd2b26bc1a744a7a37449beb1b62b719d7a92c12420c3643863ed2503971aca49ba3e97a9faf77a42819989238b22e91d9139bfef3bd35c
-
SSDEEP
6144:45jl5UX8bAzbayM3iTiJLD4DclX+f52nh36OkciPxBjdyPGvxvaUi5+67P:4NrJbe1MImDIluh6c8yPGvxvviM8P
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid: 268
Process: AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 4 IoCs
pid: 268 (4 IoCs)
Process: AcroRd32.exe
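The three signatures above are each derived from the process trace: a registry open on the NLS\Language key (System Language Discovery, MITRE ATT&CK T1614.001), repeated SetWindowsHookEx calls, and a high volume of GetForegroundWindow polling. As an added example that is not part of the sandbox report or its tooling, the following Python re-derives those hits from a constructed trace. The event schema (dicts with pid, process, api and an optional registry key) is invented for the example, the trace itself is constructed to mirror the report's IoCs for PID 268 plus some benign noise, and the GetForegroundWindow spam threshold is an assumption since the report states none.

```python
"""Added example, not part of the sandbox report: re-derive the three signatures
the report raises for PID 268 from a registry/API trace.

Assumptions: the trace schema (dicts with pid, process, api, optional key) is
invented for this example; real sandboxes use their own event formats, and the
GetForegroundWindow spam threshold is a guess since the report states none.
"""
from collections import Counter


def ev(pid, process, api, key=None):
    """Build one constructed trace event."""
    return {"pid": pid, "process": process, "api": api, "key": key}


# Constructed trace modelled on the report's IoCs (not captured sandbox output).
TRACE = (
    [ev(268, "AcroRd32.exe", "RegOpenKeyExW",
        r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language")]
    + [ev(268, "AcroRd32.exe", "SetWindowsHookExW")] * 4
    + [ev(268, "AcroRd32.exe", "GetForegroundWindow")] * 25
    + [ev(1337, "explorer.exe", "GetForegroundWindow")] * 3   # benign noise
    + [ev(1337, "explorer.exe", "RegOpenKeyExW",
          r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run")]
)

# Registry key suffixes whose access implies language/locale discovery
# (MITRE ATT&CK T1614.001). Compared case-insensitively.
LANGUAGE_KEY_SUFFIXES = (r"\control\nls\language", r"\control\nls\locale")
HOOK_APIS = {"SetWindowsHookExA", "SetWindowsHookExW"}
FOREGROUND_SPAM_THRESHOLD = 20  # assumption: the report gives no threshold


def detect(trace):
    """Map each pid to its process name and the signatures it triggered.

    Returns {pid: {"process": name, "signatures": {signature_name: ioc_count}}},
    omitting processes that triggered nothing.
    """
    per_pid = {}
    foreground_calls = Counter()
    for event in trace:
        pid = event["pid"]
        entry = per_pid.setdefault(
            pid, {"process": event["process"], "signatures": Counter()})
        key = (event.get("key") or "").lower()
        if key.endswith(LANGUAGE_KEY_SUFFIXES):
            entry["signatures"]["System Language Discovery"] += 1
        elif event["api"] in HOOK_APIS:
            entry["signatures"]["Suspicious use of SetWindowsHookEx"] += 1
        elif event["api"] == "GetForegroundWindow":
            foreground_calls[pid] += 1
    # Polling the foreground window is only suspicious in volume (commonly a
    # user-activity or sandbox check), so threshold it rather than flag each call.
    for pid, count in foreground_calls.items():
        if count >= FOREGROUND_SPAM_THRESHOLD:
            per_pid[pid]["signatures"]["GetForegroundWindowSpam"] = count
    return {pid: {"process": e["process"], "signatures": dict(e["signatures"])}
            for pid, e in per_pid.items() if e["signatures"]}


if __name__ == "__main__":
    for pid, hit in detect(TRACE).items():
        print(pid, hit["process"])
        for name, count in hit["signatures"].items():
            print(f"  {name}: {count} IoCs")
```

Running it reports only PID 268 with the same three signatures and IoC counts as the report (1, 4 and the polling count); explorer.exe is dropped because its Run-key access and three foreground-window calls match nothing. The registry match is a suffix test so it holds across ControlSet001/CurrentControlSet and HKLM-vs-\REGISTRY\MACHINE spellings.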
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\178dd554d82b3dce82c0c4810b4fc681104227d6ef9316f92aeb04a1d3ce1f8cN.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:268
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
5d7c09a049210c53f4a22e38cea1c86c
SHA1
2926ebc61e7c9b51f88e0580a903e84b6ae685a2
SHA256
18dd989f86babfa01f4e7fea8b8c31bf7255c210e258ed2c5531ea9008e0dc40
SHA512
ac7959e6aac6160217110c4233363e19ef005cdabeb0a505a8df14f1d8dc2e10ae728ecb6e90753ff0f0e9b68607ea833a3d3234bcb6a40a387ad39b90215fdf