Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system
  • submitted
    09-10-2024 08:15

General

  • Target

    Order Nº TM24-10-08.pdf

  • Size

    4KB

  • MD5

    1c32d785398e3a7eaab0e9b876903cc6

  • SHA1

    3dad168e79bc7f421760c98a8b6be2e1630a63ec

  • SHA256

    0622971147486e1900037eff229d921d14f5b51aac7171729b2b66f81cdf6585

  • SHA512

    29dcf27ef3326bdedabce72038ace798a167d8c2c4bbba8764fc24be4dc5f1ff6abf3e70d7d5b9df112e7f0d53d51fa61462adebd05ce2b0ee0705ac11295bc9

  • SSDEEP

    48:PBtPTwN8gkyvqPQD5CUhrFqzmPtskP2cAcaBnLqFvVxs3LF8qn9KyGg:plTwNsymhcxvP+kXFynLYV+RlhX

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Order Nº TM24-10-08.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2932

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    92f4f11d88656a1a4e4c1a0f178a8d07

    SHA1

    ea7654d2f901c230cf17b8e336ce5bfeee7153c0

    SHA256

    37df9dc03f48f0d7ce8bdf64d5a86ef6eec468a183166712ed0db9aa3dcbc1fe

    SHA512

    21509249971370f90c24ea78edcf506a0824f57a37259e8c93b8415b41a60c13a5543184eee60486e42b74bb4ad3ee9bb6355309dc3a277965101b7a3d077e8e