Analysis

  • max time kernel
    91s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/11/2024, 05:09

General

  • Target

    9f2a122b77519a99bab058c3d75adc13e7e5ff78dffa2aff7a37008a3e93dab0N.pdf

  • Size

    267KB

  • MD5

    35aa6070440ff4b02af1cce2a424c950

  • SHA1

    3893cdd31492c380274988c71b32f03a72df3faa

  • SHA256

    9f2a122b77519a99bab058c3d75adc13e7e5ff78dffa2aff7a37008a3e93dab0

  • SHA512

    00a3e4f62600b9ddc8948561c360f517002a5f0e1aea5d9f25913694788fff07db7c128c25469c387fb62ae27296ee15461863382d00cfe8ccf7ac7ef01a61a2

  • SSDEEP

    6144:XblQbvXS1oq03jsAuhU/0Bnv18B9mbSJ5dnYxlfABPlJ/eVH:XbcS1oJ3Z6U/0t6d5ix9Apreh

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9f2a122b77519a99bab058c3d75adc13e7e5ff78dffa2aff7a37008a3e93dab0N.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2860

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          a980c3ec828cc332ed9a9d5ec3e6bbe9

          SHA1

          607b42cc958be38b6925c7c7c82da57fb7a526b7

          SHA256

          29a42c9bcc0a8a521ef2a6796efcc8ad074f16c1b1a9b53ea8196aca4e3e084e

          SHA512

          43b0f2ecf73e6bd077ee6ef080ee20143dfcb5addba7396cfd749aa2aaf021054e2e5dec85b9da91d9b3fc2892b2ff509ddf679a9247c498e57e041fd5daf9d9