Analysis
- max time kernel: 91s
- max time network: 16s
- platform: windows7_x64
- resource: win7-20241010-en
- resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
- submitted: 12/10/2024, 05:34
Behavioral task: behavioral1
- Sample: ff895f46a6ead8dc17ad5f7382703d21ae128ed9c5724d15407bd693b5da5654N.pdf
- Resource: win7-20241010-en
Behavioral task: behavioral2
- Sample: ff895f46a6ead8dc17ad5f7382703d21ae128ed9c5724d15407bd693b5da5654N.pdf
- Resource: win10v2004-20241007-en
General
- Target: ff895f46a6ead8dc17ad5f7382703d21ae128ed9c5724d15407bd693b5da5654N.pdf
- Size: 465KB
- MD5: 0bf9e869f3a19c2c608931dd46d1ecd0
- SHA1: f518247af4080f6b3fd0c6831892e0161a0358da
- SHA256: ff895f46a6ead8dc17ad5f7382703d21ae128ed9c5724d15407bd693b5da5654
- SHA512: cf15521498273002b67ae6f7d577a4858982b0b7e03df2ffcb426fee9c397d8d00ccdf330fe014d3ab7c12611ef5e92a83a8aa31afd9a0ecf581b7fbcde3bcce
- SSDEEP: 12288:c0v7Rlw88FzHD9ucTcFqLNTrXnbW1pMeYmhWhExPgTr0EJjH/vITq:cq7RlCzjgBFq1bWrMOhzg30UHuq
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  Description: Key opened
  IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID 2588, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  PID 2588, Process AcroRd32.exe (all four IoCs from the same process)
Processes
- Path: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff895f46a6ead8dc17ad5f7382703d21ae128ed9c5724d15407bd693b5da5654N.pdf"
  PID: 2588
  Signatures triggered:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 859f6ad112427a3ff0935ec6c6e343fd
  SHA1: 7b30f1883421070e97e09b6041f524395b6c7b28
  SHA256: f3dc122cbb215bb8c22e7855bf108e99a6a4608130b5ee44cc8e3ff5b2ffa929
  SHA512: df24c956e743d243c7a579ba85356d21755f257a98e68025efe79b639bfced4f993a28ac29e9cb77495a67fdbc101be7917018cee35730694c66dd8d938b1b70