Analysis
-
max time kernel
120s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system -
submitted
17-11-2024 20:57
Behavioral task
behavioral1
Sample
1747356274abc58aad8ecbf511da028cf499667be22c875765655c33e514d71f.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1747356274abc58aad8ecbf511da028cf499667be22c875765655c33e514d71f.pdf
Resource
win10v2004-20241007-en
General
-
Target
1747356274abc58aad8ecbf511da028cf499667be22c875765655c33e514d71f.pdf
-
Size
101KB
-
MD5
0446cde2e7da030b987a6bf5f676d4ba
-
SHA1
590c7ea64ee35e0a60e6414e60099b4cf33f7d4b
-
SHA256
1747356274abc58aad8ecbf511da028cf499667be22c875765655c33e514d71f
-
SHA512
cea1bcb9c47c156e821e5c96d16465819e16057bc7485079a833f9307955b9d6ed10fe6c8a9bddb99a8a19b46da68b6af070c1498e46ca50c4208a1054a9480d
-
SSDEEP
3072:1qA7IzklSyITzaPEBK+Thv+qMVGdfKDI0PZkXHUc+8Tt:HHohz5K+ThvQVG4DI0PeXHUc
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
AcroRd32.exe
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid: 2728
Process: AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid: 2728, Process: AcroRd32.exe
pid: 2728, Process: AcroRd32.exe
pid: 2728, Process: AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1747356274abc58aad8ecbf511da028cf499667be22c875765655c33e514d71f.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2728
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
3KB
MD5
907c1c751cd7e8f9c261bc688fd53cd8
SHA1
3d7b156256339b13ebea8e9946e6c55432807ca6
SHA256
b181013517153356a0f3feebf8b530a3ad0f91941635e41a643d01728c0f6ce6
SHA512
197b0df869185c62624e15abac531f0e377a2bc970b0c490c6d662c771aaabd00d80ec345e3f9e858087e94f2892cf51a1ace689299d97c9d833aba44c261d2c