Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/11/2024, 19:48

General

  • Target

    11c8f647e84a08e4813eee7df608ee752b8a05f54fdf52b8f6d128e6b4c538f5.pdf

  • Size

    57KB

  • MD5

    891c4f537591799163895d9a99436507

  • SHA1

    bd6133e098f53b24098bca39b7755808671228e4

  • SHA256

    11c8f647e84a08e4813eee7df608ee752b8a05f54fdf52b8f6d128e6b4c538f5

  • SHA512

    ba971b414bc905016f36a62883e481d174e6d951963daed9b24f72dcaafb4f92e9cf7ea7d9f27d398d2ef1b77bc79c5d71d63a09dc171cd15e47d2451ef6515d

  • SSDEEP

    768:/uzdNIggou41dMV+foYlP13VFGhXyaOftflbrvJzO624N5kr//2OWWNDPvdKaOx:mzIW1dMV+foY5Yofttbzoc5kDiWNLOx

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\11c8f647e84a08e4813eee7df608ee752b8a05f54fdf52b8f6d128e6b4c538f5.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2792

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          0e539a9304916b16a768cc0241f1569b

          SHA1

          7a5925647db2ed8905b5bc8e17ebba0ce933ecc5

          SHA256

          038407478b17c321a1c98bee1332feafa2f78094d31f09b92038ddd2bd576236

          SHA512

          d12a7463a8654a3317dec5a279a8964f7f0a1a8a4ad41854c9243bc14fce641dbcb44a80a031b445815035c0d1ab8c4f54f902e6f8722c9a93d3a81bc1a03c90