Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 31-10-2024 08:21
Behavioral task: behavioral1
Sample: cf8e2bdc6a84d0928815d56783b7cb21429a8c41bdcfc4b84622ac354c5c1045N.pdf
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: cf8e2bdc6a84d0928815d56783b7cb21429a8c41bdcfc4b84622ac354c5c1045N.pdf
Resource: win10v2004-20241007-en
General
Target: cf8e2bdc6a84d0928815d56783b7cb21429a8c41bdcfc4b84622ac354c5c1045N.pdf
Size: 54KB
MD5: 590af0ea4809a157b9af4b66abb84c10
SHA1: b23ca1d6d8568bb80574bcef3bf3c3d315faf643
SHA256: cf8e2bdc6a84d0928815d56783b7cb21429a8c41bdcfc4b84622ac354c5c1045
SHA512: c9b710aee13dc1022f6540aae3a990a74576a79d10ba0454fa1785f22645e7daf46af860f61218c052cf36b2fd925b1a764f61486acad5dfbcaf66b6c4904000
SSDEEP: 768:KuzdNIggou41dMV+foYlP13fMmmO3eflROblGXajZoNOtk10aYKa+vz:lzIW1dMV+foY5J2mAlROgqyca0RKvz
Malware Config
Signatures

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2092 | Process: AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2092 | Process: AcroRd32.exe
pid: 2092 | Process: AcroRd32.exe
pid: 2092 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\cf8e2bdc6a84d0928815d56783b7cb21429a8c41bdcfc4b84622ac354c5c1045N.pdf"
PID: 2092
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: a47ff4dd73f6fa36b44a936e072264ce
SHA1: 1772c7e3ff8e6e8780298c5e21893867b77da9f4
SHA256: 7571426e3dd0bf57eac755bf6dc061ad279dde8d39c86ae1cbaf75e944f3bfd1
SHA512: 72faef09a1568a24ef6f8a586bc4285a54482f9d177c1be345d2b4d561fc1385474a92ed68c876439c2ff52f3bc8da9c2829f917fa79ec403cc56d88f88f764a