Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09/11/2024, 22:03

General

  • Target

    help/pl/dia-manual.pdf

  • Size

    131KB

  • MD5

    48e1911049d4211d09ebcc430975c2dd

  • SHA1

    e37b3f811be5c4b3530dd8b6f9b424fb285f4c74

  • SHA256

    b3f5aa44047c4b10bb64294f4dc03f626a30ecf5f5ec1e55efda34d5f57c2bfb

  • SHA512

    28f39ee7e5cf9c6967ddc51cd37412c1a85ce15cb151123d250455dd58c974eb738f5eed7cfba8d782819c04c9b4cf0349299175ea34a699b3d77c8d70684f1e

  • SSDEEP

    3072:o6nnjmOV5zPYvwQCmKqyBdMW40sb+ah4XVb:o6nqG1QC6yBdYTb+ah4XVb

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\help\pl\dia-manual.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1588

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    aa09e122ec07d6008196e362bd24ed6a

    SHA1

    b9fb3af6b128bc6b9f53c52dbdbfab7ae280674e

    SHA256

    f18ab5f521347ceef2771a74f8eea253102fe73d76deac97706bf37b2fdcab54

    SHA512

    d5be02684745c46c25550ef86e01068bdb7b1b23042ee73c69bc6c1e37a15336e0c5ae15bdb219ae1eb95d0e436b18cdc48651d76df72a5e7558f446c5590678