Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
15-10-2024 02:19
General
-
Target
001.赤湾停车场钢连桥-连桥柱锚栓(一~五区)-加工图0版-20240905(只加工22个��.pdf
-
Size
819KB
-
MD5
10134e01f9e345110210ab071e4fa0d3
-
SHA1
d5ffa45bf293e3c44664dc9af961d6fa05b27ca5
-
SHA256
24d6749dcf94e70a3cb2f12aa898f1827145c26f7e4c013b0f769069a63370e8
-
SHA512
0c961742c82bbd7df7c68ee50b02d13345b349f1b73628e96921bd08f9ecdb593f2383a4745de35b0c973bd1c6144dbd01c1afbbdc4abc76c43fd4379ec7c652
-
SSDEEP
24576:KLZAB4H8tidbyps0EeObWCypb2DPMUH+rERT:6BMiFis/ekWCypbOPSERT
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\001.赤湾停车场钢连桥-连桥柱锚栓(一~五区)-加工图0版-20240905(只加工22个��.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50e1cec6915dcda534d247d8cc9f7a66c
SHA1337cdc86446b358701f7145882c8fb811f7e0d44
SHA256abe74b88bbd64bfd673c6baa07e41c0b5b82f8739d551e2197858065b3615ba1
SHA51283114d5303b29efaa338a0dd24d1319f77e274f2066d7ebbe3588f710a76397efba81627057f686af091f5964529079e6aca2f41b9f95e9686432864ee9de45b