Analysis
-
max time kernel
121s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
23-10-2024 01:16
General
-
Target
KTR Bilgisayar Yönetimi/Kullanım Kılavuzu.pdf
-
Size
764KB
-
MD5
2a826a713da452cab69a017133171670
-
SHA1
fc22d17ee8843a793571ba23d194efa00db48847
-
SHA256
7afbec7252a7203333afbefcfd725d8c25350ab610bb48ba0b0d60c82b5bfc78
-
SHA512
4067930355f7535e420a481e8c77c0a8e25892527f953960fbde8f8e3297a37c0cc5e77a277cab1a0f402a77005152aa069c109ec51eb043670772fc2ad9fec6
-
SSDEEP
12288:uoZT3YcNd6NEJqCtRIqc0kX5ZBWqsI1TIeKeimy7e561CSmrMtWG2DOQlnB:uoZxNd6NEsyyqc0U5ay1TIeKjeeBiMp+
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\KTR Bilgisayar Yönetimi\Kullanım Kılavuzu.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f85c9e0d09b96f732494684f3fccf6ba
SHA19c888b695b064f09e66e042b1969a3554fb7a498
SHA256acd2dbd21cc6da9aa7cc5a979af5dd6c5bd62ce558043e8744553da0a16028e6
SHA512392517d00e7652ebce92ecdf84af00fc648bc43776ee73953d96680b3f463ef72e567dc65311a925af467ca82c48327302172bd28f1bd4143524bc15bcc6cfff