Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
10/10/2024, 06:17
General
-
Target
a4800cee3410e44b93a8676c88194ec70bcbe382a39593bc7ac75485d07a2c95N.pdf
-
Size
7.9MB
-
MD5
da5dd6d0c44de02a0f1022766c507d90
-
SHA1
62740dff23123c90aaf5c53522a0220af96e98eb
-
SHA256
a4800cee3410e44b93a8676c88194ec70bcbe382a39593bc7ac75485d07a2c95
-
SHA512
e168954103b85b1450351d6c36be07a56caca0de3cf61f3641842468924301f5e41ca8ed22abd2b1e25c69f98fb04ce74e83d1023906de1bd7edf2e18aa2d373
-
SSDEEP
98304:JLzCotTHJNPDyWxj7P+2JdDVWuvZR9HqyEQ2zcNruEXbMDaJ0w6zSHFmFVEjeae/:JLzCcTHy0j7RvVWGZWyCcJIWuwj4ae/
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a4800cee3410e44b93a8676c88194ec70bcbe382a39593bc7ac75485d07a2c95N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5fbba073efe4ca8ed4a2b08f11d163d1a
SHA14296133c938621a45c63bd630f02046c9d7017c6
SHA256b313c033342c5063e71ecff92bf2423de61524785f59b959d73a1e6f45173058
SHA512f86ab5df152c74976e86733b3466dbe47bd0c0ecc45b0e62176664069b3024e1f47b732bc1d452f5252361c8a4f56ec73de08c32fdb587fccc0bec5929419539