Analysis
-
max time kernel
122s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
10/10/2024, 00:14
General
-
Target
a77f5ec2566e4edff17d92b11a8f41cd23d1ff25e197a97cdd8a8ff67ed3fe32.pdf
-
Size
59KB
-
MD5
daf3e5320f19b66ceb8c15389cdaf2d3
-
SHA1
88835a2b638a755ab0d86db5f2a5d8f453f266d9
-
SHA256
a77f5ec2566e4edff17d92b11a8f41cd23d1ff25e197a97cdd8a8ff67ed3fe32
-
SHA512
d34efbdc4afe89b0268158f164f0de7e41694862a5ed2cb442ff33f0381bb7b429e2d13e2758c569949a6057e51047e2717bf8b765a69a53a843dfeef3364987
-
SSDEEP
768:3uzdNIggou41dMV+foYlP139T2751x8eMnASmU+FcHv5F0Tj41DY1:ezIW1dMV+foY5bTAXx8eMJmSHv5F/lY1
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a77f5ec2566e4edff17d92b11a8f41cd23d1ff25e197a97cdd8a8ff67ed3fe32.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5d27ba2b16b1654b1cfc197c64bdc1a0e
SHA11df73abf30c90fdb922c9ed40266385d1538873c
SHA25635c4974dda64114752fc7ca8727fb1e2c5b5bf0a9687b3b847f30e51c945d091
SHA5124a4cae98eba6abc266b92d510279008f907cdec34909479fad4ebecd7735a06771becebb7b4503927bb42b585228c2ceda788543535db4e228808b9e4d1b4964