Analysis
max time kernel: 94s
max time network: 17s
platform: windows7_x64
resource: win7-20240729-en
resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
submitted: 10-10-2024 15:47
Behavioral task: behavioral1
Sample: 5fa4dbe7ffda9a271f2d11cacb6c86202ec9539cdf5040dd516db712b84c319eN.pdf
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 5fa4dbe7ffda9a271f2d11cacb6c86202ec9539cdf5040dd516db712b84c319eN.pdf
Resource: win10v2004-20241007-en
General
Target: 5fa4dbe7ffda9a271f2d11cacb6c86202ec9539cdf5040dd516db712b84c319eN.pdf
Size: 349KB
MD5: c574eeaff749d7c26ac46493a683e440
SHA1: c13317cf589a9042a8f723e3cd880a3cd51ac038
SHA256: 5fa4dbe7ffda9a271f2d11cacb6c86202ec9539cdf5040dd516db712b84c319e
SHA512: d4de68dfe677016b3516a62792436c8182942811f709e3751ee2dddbe08e6194a26a99c8dd0de2b2b782ac7f7876238393ebc92d4c5eeb4a95b250b828ffb621
SSDEEP: 6144:ufAOrg/qXiE+iO95KedPv1gLhnTs2jjtFx8SgnuRzEoFJPPzwvt:u+/zE+ixeZtgLPjZASguRzJHPzwvt
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2336; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2336; Process: AcroRd32.exe
pid: 2336; Process: AcroRd32.exe
pid: 2336; Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5fa4dbe7ffda9a271f2d11cacb6c86202ec9539cdf5040dd516db712b84c319eN.pdf"
PID: 2336
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: c95cb05389120003c81edb5f2e902a10
SHA1: d5118c812c5ce8a2197053687599d1242a194cb3
SHA256: ef15096394881bd5b519676e3f236e6c7099c72de491019a3015951b6968740f
SHA512: 1e2622d894c363e480dc97e27eee5ced0e841f1e0a3b55198bff8389d448eac9eb48f49dbbe312f4a45667497a45618cdcc933ee680b68502c5da885df1bfb31