Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    12-11-2024 19:13

General

  • Target

    003.ActaDeReparto.pdf

  • Size

    261KB

  • MD5

    75b35a07dcba5b2954ff0cc9503524da

  • SHA1

    ba545b1362c78edfe3098346cfb076be07d5f5e2

  • SHA256

    c6af30ae015211b48aab218bd675f7ecdc85c8c841bd62816063d8723b4ce54e

  • SHA512

    b9671436d67b60617f6ef2c4295681440ef39663fd2e48d935764dddbdb35389fcc5911b1dee2c56ec6cc8fa17fa31b54b540efd30293a19de29b1c328b491ba

  • SSDEEP

    6144:M48qfStrh4YQ9ATeq4CeubKNBZ7XE/xMlvKiipHoK6f:M4Bf2rWM4CVe7XqwUc

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\003.ActaDeReparto.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2124

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    416041e293c27954aa79a1f544378b38

    SHA1

    9cfbe80a2cea5b95591526f59a462f3d5a99c037

    SHA256

    078db6e65cea611c11bd83c07ab25058cafe640d89cf11374cdc6922044ca6fa

    SHA512

    f40d6c5baa893eb8826b25a3bf239612188f05b8cb85698ba47a79ea0ff0be40ae77c9fef345433488dca7b400b5b3a3c4274bcd6cae53def72c56a8b3d3be1c