Analysis
max time kernel: 117s
max time network: 119s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted: 18-11-2024 00:16
Behavioral task
behavioral1
Sample
5f8c953dba9b9c0d03d7842cbe985045061461a84d5875f8561cda0e429937ac.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5f8c953dba9b9c0d03d7842cbe985045061461a84d5875f8561cda0e429937ac.pdf
Resource
win10v2004-20241007-en
General
Target: 5f8c953dba9b9c0d03d7842cbe985045061461a84d5875f8561cda0e429937ac.pdf
Size: 301KB
MD5: 7c1cd80357e1c2d6a3a1aee63fab0837
SHA1: fa84b3fd9014bbf1f66c890509f61e3aa3f97a43
SHA256: 5f8c953dba9b9c0d03d7842cbe985045061461a84d5875f8561cda0e429937ac
SHA512: b22ded700beb4547e3243c847e2e3ddfdf3481dfd69548a31edfffd26a54ffe1ea779ec5e6d4b7bb39471ba9f9312603cd0dc285b29acecf5cd8041f26d7f382
SSDEEP: 6144:V8H37ifX0ua5ikyfSZ0itXh9MvH0dBbmuqKDNijEd:SHLifX0q/itR9MfumaDKEd
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
AcroRd32.exe: description = Key opened; ioc = \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; process = AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
Processes:
AcroRd32.exe: pid 2536, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes:
AcroRd32.exe: pid 2536, process AcroRd32.exe
AcroRd32.exe: pid 2536, process AcroRd32.exe
AcroRd32.exe: pid 2536, process AcroRd32.exe
Processes
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5f8c953dba9b9c0d03d7842cbe985045061461a84d5875f8561cda0e429937ac.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2536
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 51b1b392f1f457707aa0b8a9c52bd914
SHA1: 6e3e5237e4148d5dbc55ba5c9d3a9ccdbf7bff95
SHA256: 553bdf8ab6b6720862a50dbe0907bd56b3c80694c2f2f048545652c385abf523
SHA512: 7f98e90618f2b186d4dff30b6e219a082585c4eca184b1688bb0c8415784f5ad772a7da1b82568806baafb15f8fccab175778603e83c2072950673ce48428c24