Analysis

  • max time kernel: 118s
  • max time network: 119s
  • platform: windows7_x64
  • resource: win7-20241010-en
  • resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted: 01-11-2024 10:01

General

  • Target: Претензія з додатками.pdf
  • Size: 2.7MB
  • MD5: 728145facbee184cb77bec87bbc6872d
  • SHA1: 22d4bfec6459c9163eb2d5f39a57629e5e482721
  • SHA256: 0b26d0ee27fd1663581d82fb0895b03d4a71e175884a008fd0add1105b13fd0a
  • SHA512: f3ee25642fa2e63cfaffcdef3cfa4aed9008ea0030975cb952b18c78a2fd6549e88bc612aea1dbb2d9cd591ccb640a70ba4da1f7e6d3d4b027c96e99554370bc
  • SSDEEP: 49152:EQus38IQe9iCdASeuOX0LowU4PJKxi5uqUMbHfQAZ0WQKEFOul1T3WNYZ0uM:EQoJ8d3euz0OfzTfQ/KwNy9f

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)

    Attempts to gather information about the system language of a victim host in order to infer that host's geographical location.

  • Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  • Suspicious use of SetWindowsHookEx (3 IoCs)

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Претензія з додатками.pdf"
    PID: 1668
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize: 3KB
    MD5: c59ab9cdc1f0396a39cd2d49a4c6d95d
    SHA1: ec3b406192fe37d88d8c60f8784a618afb0f8dd4
    SHA256: 0a864a62081aab9c5492b3d520cd24f8f6325ae7e90eccbae7041ea5dd2bc133
    SHA512: dd274ad8a2bea28efc62f69d20476fa418de2e2cba43d31151307b6fbf731502b29b346d0b52ed5d8bc08a8c64800ff9385f6dad66d9532a53928305c217bc68