Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
17-10-2024 11:58
General
-
Target
22d2ad4dad0d391dda3f4b0879edd056c8d7f5a615e54838b96fc0ccd528bee1N.pdf
-
Size
755KB
-
MD5
09be87b5b214eb572621968c429970a0
-
SHA1
a9f875c1af6f99034152d7b0b798007550605443
-
SHA256
22d2ad4dad0d391dda3f4b0879edd056c8d7f5a615e54838b96fc0ccd528bee1
-
SHA512
b309ffc9d39edbaae14e6d7c5baecb1d0f1a202cabbaee088433e5890cec46f814bbe58e612cf3c7a9994dc015b687f55d3cf361bdbd5333dd36db34d88b0259
-
SSDEEP
12288:90v5L2HzDh0tTeXPQM6/N2V5qHuxmp2zl6BpXX0aWxVEqeOFRabgu0D:90hL2H5WOIlQTqHuxw2zg/n0frEsD
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\22d2ad4dad0d391dda3f4b0879edd056c8d7f5a615e54838b96fc0ccd528bee1N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD59ffce025a4397e933530d51417e4bbae
SHA147f99bc880b041fe34e8d32fbfaade9c3881f0f6
SHA256b3e7c049ac6e1fc4c8a780eb58a7b02058828712585015efd24edb2f06df182d
SHA512fe2d32445f42e4eec74ffab9f8f71bde638a73900c46e0d9dcc156124d194850ef7985505f406ebc28c172e7c88a1d9db3706f8d91c06f974e0303096b69feca