Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
  • submitted
    25-10-2024 17:16

General

  • Target

    [email protected] Salary & Benefits.pdf

  • Size

    40KB

  • MD5

    619ef790b532e9b8e9100d7a01dc3a3c

  • SHA1

    f0f31376c6c30f25a88d1f92f0a1b11e4acf08a5

  • SHA256

    15ac152bab06e685c06a82a6a593a9b54fa7d02c8694fa4b2c749ed41aaff0d0

  • SHA512

    e9aad1a785c944b798ad3cd7749a590e60a3beccba5e0aa68db3338714d06a68c13c48f7885c3b4593bb97086ac27b9342fe8e4328c94f91cd6df5651cb18cdf

  • SSDEEP

    768:tn5psVFT/TczuJbvr3VveLhebxQCBYEMr4HJJ5iKZU02Tq66kQSwzDB:tUzTrc6Jbvr3VveVe7CTgJ5bUZTq66kk

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  • Suspicious use of SetWindowsHookEx (3 IoCs)

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\[email protected] Salary & Benefits.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1996

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    20f003e5561507a24bcd925d54a03ec1

    SHA1

    e5a2ac04137823cf3cd995a977c616221732b796

    SHA256

    dde9ad967a6e4083901ba2fde58ee93e408b3e692ae84764cc701c9fb9f1076c

    SHA512

    f9c8810dac706ba10e22450c32bb30e01be1acc55cd8897c281b40d9a245645734c1cc336bba13554189bc4f4577a3a4a882556f86160aef8deaf4263a1a5ad5