Analysis
-
max time kernel
11s -
max time network
8s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
17/10/2024, 19:41
General
-
Target
SaleInvoiceWA083IN12078.pdf
-
Size
214KB
-
MD5
a76e64cf04d41e4f080ec6134189443d
-
SHA1
a25b9ad2c5fd460468d239b6dc1e1de7cf6bea14
-
SHA256
bf181a79ef6f8ecae705b740b031bcd315b50937e1050146654c2755de7af8bd
-
SHA512
7c9989164f5edb455114426d9a364b51bce2b12c2210d21fcf48c090bc2252a2339e456d7f4339d446589ed094d288b0631cd7c830624cdc8f11a94dcc064f48
-
SSDEEP
3072:D3b1WLV4KIcItGgU4wLqlZfeKbjC0lphrmqU3ix0e9fIgF2yDS0JAxND6p4jL5SK:D3bohnBnZRiXCOhS9UAgFTAxNupiL5+U
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\SaleInvoiceWA083IN12078.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5fbd0ec296547744684a6dc42acb05b20
SHA1be24e3ce9fa5ccc64588c66fad63e4a6186d7b82
SHA2568b027ffc7ff04b4786d4e1b5a2fb879de0f1fa2c176eff3557121b944f82e622
SHA512d49443b52307f058b3aa7586de10d25770538b503a58909a6d4bae9644eec3db99240526bbfa353a14db795cb5b8e66822336693128d89a5df5f3798b0dfaf61