Analysis

  • max time kernel
    94s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system
  • submitted
    08-10-2024 10:33

General

  • Target

    Order Nº TM24-10-08.pdf

  • Size

    4KB

  • MD5

    1c32d785398e3a7eaab0e9b876903cc6

  • SHA1

    3dad168e79bc7f421760c98a8b6be2e1630a63ec

  • SHA256

    0622971147486e1900037eff229d921d14f5b51aac7171729b2b66f81cdf6585

  • SHA512

    29dcf27ef3326bdedabce72038ace798a167d8c2c4bbba8764fc24be4dc5f1ff6abf3e70d7d5b9df112e7f0d53d51fa61462adebd05ce2b0ee0705ac11295bc9

  • SSDEEP

    48:PBtPTwN8gkyvqPQD5CUhrFqzmPtskP2cAcaBnLqFvVxs3LF8qn9KyGg:plTwNsymhcxvP+kXFynLYV+RlhX

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Order Nº TM24-10-08.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1820

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    bdf4b196b56bd4f34dd9bfb2efffd6ec

    SHA1

    88b75f77b177ce223e462e667dbbca6b91e8f15b

    SHA256

    9c66ac492238d43306ac796e1248b6734c61f8b41d5f6ed824a07827bf9dde12

    SHA512

    a2eef91930f994a9136a4d6746061e68333e5cb2eff7b69b0ba3471df4ddf8d11ca0c6c37193ce93279501c16ef24f3de4ab7d588984bb0796fcfaed02927e2a