Analysis
Max time kernel: 119s
Max time network: 120s
Platform: windows7_x64
Resource: win7-20240704-en
Resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
Submitted: 06/10/2024, 04:05
Static task
static1
Behavioral task
behavioral1
Sample
d38a4d9130cf0549a4f581af1156b0c88bf69a70dc56e5428c29b32662edc8ccN.pdf
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
d38a4d9130cf0549a4f581af1156b0c88bf69a70dc56e5428c29b32662edc8ccN.pdf
Resource
win10v2004-20240802-en
General
Target: d38a4d9130cf0549a4f581af1156b0c88bf69a70dc56e5428c29b32662edc8ccN.pdf
Size: 4.6MB
MD5: 8266e5affcba972a63ce6cadb5273dd0
SHA1: b9e70c53c1b835ac53260419bb0e375aa6e0c521
SHA256: d38a4d9130cf0549a4f581af1156b0c88bf69a70dc56e5428c29b32662edc8cc
SHA512: 7c312fd87b07611ad2f2f86bad00b94b54846e0470eeceb3151bc301042cc65ef0d3cf15f2b9b35b5496a5c541bc31d0945ee983fc928b94d57e65f15ee50385
SSDEEP: 98304:+yx0kLvTz7m2MB22z3ve2H6L0qOOmJN4NWOiS2zHbmi8jN:+w0oT/mXBT1GKOmJN4CS2/mf
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
IoC: registry key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language by process AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
IoC: PID 2760, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
IoCs: PID 2760, process AcroRd32.exe (three occurrences)
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d38a4d9130cf0549a4f581af1156b0c88bf69a70dc56e5428c29b32662edc8ccN.pdf"
PID: 2760
Signatures matched:
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 8ae1818932f002faf9b994cbd92ce055
SHA1: 1cd84b6b18e4a7e56799a19ee15e39e76968a8c4
SHA256: 12ea48ceca7e8e52e0a6f142cc0c93b70646973c379446b26589c15f436fe028
SHA512: ca9afc8a8da0027514c6089b98cb18b66248cc85a0a0472d6ed67fb3098ef5c24d96bc6d8c187d46fc35bd0d0d361f95ae2d9fdc5e21fc61baa38a19b3148fd5