Analysis
- max time kernel: 92s
- max time network: 19s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 04-10-2024 18:43
Behavioral task: behavioral1
- Sample: 0edc0b1b67e2d1046b59e1748906890bb16f5dd108cb0f97a04ec81af23e8653N.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 0edc0b1b67e2d1046b59e1748906890bb16f5dd108cb0f97a04ec81af23e8653N.pdf
- Resource: win10v2004-20240802-en
General
- Target: 0edc0b1b67e2d1046b59e1748906890bb16f5dd108cb0f97a04ec81af23e8653N.pdf
- Size: 409KB
- MD5: 22b2923d05aeeab38fb7154c9b6616e0
- SHA1: 50ce6c83b870c2d5152e241d8095923a034a5dd9
- SHA256: 0edc0b1b67e2d1046b59e1748906890bb16f5dd108cb0f97a04ec81af23e8653
- SHA512: f40a29a5e596b990c019e574999249cb3767d2472cf693c0b3008f4f656aee2f6d6e4e7d583b5fd42250d54e13dbad0e03feb980bcf62752ea476ef6ef07b2e2
- SSDEEP: 12288:pcVEeuMPPPPPm8mkdVjMNHqfJS77exzr1P3BkqpM7U/aa:pcVEe+CfYRqxS77eNr1yqp3/7
Malware Config
Signatures
-
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 1452; Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  pid: 1452; Process: AcroRd32.exe (4 identical entries)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0edc0b1b67e2d1046b59e1748906890bb16f5dd108cb0f97a04ec81af23e8653N.pdf"
  PID: 1452
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
- MD5: b711f9608620852a786b7d167996148b
- SHA1: 11a8e8fd8caf613d2f298429d0d56e82c7442652
- SHA256: 250ba1ac7bf05c6e588d9651775093bedb84125b8b055793ae96d5f2d6176c4d
- SHA512: 418ad85d24465c481948b11adeb669bdbccce01c37cf18cba93bc8dc43cc9579fbdef3c7dc2e5cf1036d3890ce0960ea26e29dae6253772c7f7753fe3d1df575