Analysis
- max time kernel: 94s
- max time network: 16s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 12-10-2024 13:47
Behavioral task: behavioral1
- Sample: f611f843207c6be2ad47f3cbbe7069bb696d3e1a94f9ab665230b2907b6e46b8N.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: f611f843207c6be2ad47f3cbbe7069bb696d3e1a94f9ab665230b2907b6e46b8N.pdf
- Resource: win10v2004-20241007-en
General
- Target: f611f843207c6be2ad47f3cbbe7069bb696d3e1a94f9ab665230b2907b6e46b8N.pdf
- Size: 376KB
- MD5: 726befd6d0f329edc1173a8f0ab6a8f0
- SHA1: 313bb8a1fe406dd2a745fd24a186b1a43d0c2de2
- SHA256: f611f843207c6be2ad47f3cbbe7069bb696d3e1a94f9ab665230b2907b6e46b8
- SHA512: 6796fc69117d5d7083c1e3168bd7205bff36a1a723c35bacf41de1a0a95ac54049d0cc9a3038faa1a96a398d17a7a3bf1860479dc202f14b9afc2e15198a2efe
- SSDEEP: 6144:27rOgslMC4dOx592rMvcUUjLwtKk3CeSkVdQ0sKHYSUWTqZgu7pnITI0JYEy53k3:2/Og2MC8OxviPjLwtJCEqdhZgynIM0J1
Malware Config
(none)
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid: 268 | Process: AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid: 268 | Process: AcroRd32.exe
  pid: 268 | Process: AcroRd32.exe
  pid: 268 | Process: AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f611f843207c6be2ad47f3cbbe7069bb696d3e1a94f9ab665230b2907b6e46b8N.pdf"
  Signatures:
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 268
Network
(none)
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: ed4e9f6958967cecc6d1c47e6ec016e1
  SHA1: 23c6c8532e854ef6d2a0359345837f19f0c4d17e
  SHA256: fa182a21812c593bf8c2ebac7a9da16fc807ba2a127cdc2fb0cbc201a9b01744
  SHA512: 6274bd2c8ea225023ebb562f014db45ec6b9e5581cc0233974eac9e844fb9652e059a08f801160c82ee332d92809725e97eb2c83c5b988df57585ce3579bf7b0