Overview

overview

4

Static

static

4

6e2a71338e...fN.pdf

windows7-x64

3

6e2a71338e...fN.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18-11-2024 20:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6e2a71338e9d3f5754de59eb99daca0a524a2ca38e54c15d067f08c96f23e94fN.pdf

  • Size

    1.1MB

  • MD5

    f5c69b389a6888cc8735d5bbe9e1fea0

  • SHA1

    064085ebc5f04b70e47d6df16c9a6e2ce47091e2

  • SHA256

    6e2a71338e9d3f5754de59eb99daca0a524a2ca38e54c15d067f08c96f23e94f

  • SHA512

    6380c2fe6ccf226f87b9b97ac52d57d4782b51164574b143818ad2f62c7d276e2eed07fd656323fdc5bd6370fc2c43cf5bc9a8b4814d839f4484d1fda0a9c2f1

  • SSDEEP

    24576:1U0DrA6ZwM5TOKWLGGMBs6JE4/9eZsU0DrA6ZwM5TOKWLGGTAZpfd6UxMM:rrA6ZkKGGRoOrA6ZkKGGlaM

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6e2a71338e9d3f5754de59eb99daca0a524a2ca38e54c15d067f08c96f23e94fN.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:876

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    44b40e9404e6aeb16706c39f91c73d09

    SHA1

    878b26f76d2ba5dc8e6d2b2fc0170a10306beb11

    SHA256

    9929e9ab1cc1a115bcb2653e4297c9f9e42c42bcb5be360adf58bbab84dafda1

    SHA512

    231a6125490ebe1e8a5de984396ee9d4f88993d0e016193acfeb6070ff5bb469b02f469e5450ca375ba8a63816ad6bb081f36fa3b12a340551f7e3b7aacaa534

    Download Submit

  • memory/876-0-0x0000000002E10000-0x0000000002E86000-memory.dmp

    Filesize

    472KB

    Download