Analysis
max time kernel: 94s
max time network: 16s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 19/11/2024, 09:52
Behavioral task
behavioral1
Sample
c0fae52f434cea6191417b4809c73ce68f12d4673ff3392d02c8c005f4365f2eN.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c0fae52f434cea6191417b4809c73ce68f12d4673ff3392d02c8c005f4365f2eN.pdf
Resource
win10v2004-20241007-en
General
Target: c0fae52f434cea6191417b4809c73ce68f12d4673ff3392d02c8c005f4365f2eN.pdf
Size: 510KB
MD5: c1317ed4cb447fb60720454985512150
SHA1: b9625b902fb88085b8fe7ada416e9542a6f7839b
SHA256: c0fae52f434cea6191417b4809c73ce68f12d4673ff3392d02c8c005f4365f2e
SHA512: 42417b97db741b193eea72362dad4221a63f5dd0b078f9c413966a80e60a85ffedc4908b999a33a816e483a92970a6298931bf0392c6b1bd9fd3f6e866950d3c
SSDEEP: 6144:TaXlYeMiAiO/cZXrQ9zaXlYeMiAiO/cZXrQ95TsJq4U/WWu1TFwOiysQVpdTA/iH:T7eMiTRrS7eMiTRrGTcUubT3iZYzLH
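Before pivoting on the hashes above (hunting in telemetry, querying other sandboxes), confirm that the sample you actually hold is the one this report describes. The helper below is an added example, not code from the report or the sandbox vendor: it computes the same four digests over a file or a byte string, compares them to the report values, and checks the naming convention visible in the report, where the sample name starts with its SHA-256 (the trailing "N" and the ".pdf" extension are ignored). The report hash values are copied from the General section; the "abc" test vector used in the usage note is a constructed input.

```python
import hashlib
import os
from typing import Dict

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Values copied from the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "c1317ed4cb447fb60720454985512150",
    "sha1": "b9625b902fb88085b8fe7ada416e9542a6f7839b",
    "sha256": "c0fae52f434cea6191417b4809c73ce68f12d4673ff3392d02c8c005f4365f2e",
    "sha512": "42417b97db741b193eea72362dad4221a63f5dd0b078f9c413966a80e60a85ff"
              "edc4908b999a33a816e483a92970a6298931bf0392c6b1bd9fd3f6e866950d3c",
}
REPORT_FILENAME = "c0fae52f434cea6191417b4809c73ce68f12d4673ff3392d02c8c005f4365f2eN.pdf"


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Hex digests of an in-memory blob for every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same digests for a file on disk, read in chunks so large samples fit in memory."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_to_report(computed: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match flags; hex digests are compared case-insensitively."""
    return {name: computed.get(name, "").lower() == value.lower()
            for name, value in expected.items()}


def all_match(computed: Dict[str, str], expected: Dict[str, str]) -> bool:
    """True only if every algorithm in the report agrees with the computed digest."""
    return all(compare_to_report(computed, expected).values())


def name_matches_sha256(filename: str, sha256: str) -> bool:
    """True if the sample name begins with its SHA-256 (suffix and extension ignored)."""
    stem = os.path.basename(filename).split(".", 1)[0].lower()
    return stem[:64] == sha256.lower()


if __name__ == "__main__":
    # Point this at the sample on disk; the report values are the expectation.
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else REPORT_FILENAME
    if os.path.exists(path):
        result = compare_to_report(digest_file(path), REPORT_HASHES)
        print("hashes:", result, "all match:", all(result.values()))
    print("name matches sha256:", name_matches_sha256(REPORT_FILENAME, REPORT_HASHES["sha256"]))
```

A mismatch on any one algorithm means you are not looking at this sample (or the report values were transcribed wrongly); a match on SHA-256 alone is sufficient identity, the MD5 and SHA-1 values are kept only because other tools still index on them.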
Malware Config
Signatures
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Description   IoC                                                            Process
Key opened    \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language    AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
PID   Process
2648  AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs
PID   Process
2648  AcroRd32.exe
2648  AcroRd32.exe
2648  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c0fae52f434cea6191417b4809c73ce68f12d4673ff3392d02c8c005f4365f2eN.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2648
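The language-discovery signature is the generic ATT&CK T1614.001 description; in this run the only process that opened the NLS\Language key is AcroRd32.exe itself (PID 2648), the process tree holds nothing else, and the Network section is empty. A document viewer querying the system locale is ordinary application behaviour, so this hit on its own is weak evidence; the same key opened by a process the reader spawned would be worth more. The triage helper below is an added example, not part of the report or the sandbox's signature engine. It rates NLS\Language and NLS\Locale accesses by whether they come from the reader process or from anything else. The event list is constructed: the first event reproduces the report's IoC, the other two (an unrelated key, and a cmd.exe child that does not appear in the report) are made up to show the distinction. The reader image set and the "low"/"medium" labels are this example's own conventions.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Set

# ATT&CK sub-technique the sandbox signature maps to.
TECHNIQUE_ID = "T1614.001"  # System Location Discovery: System Language Discovery

# Registry paths whose access indicates system-language discovery. Accepts any
# control set (ControlSet001, CurrentControlSet, ...) and both the Language and
# Locale subkeys under NLS, with or without a trailing subkey/value path.
NLS_KEY_RE = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(?:ControlSet\d{3}|CurrentControlSet)"
    r"\\Control\\NLS\\(?:Language|Locale)(?:\\.*)?$",
    re.IGNORECASE,
)

# Processes for which a locale read is expected baseline behaviour.
# Assumption for this example: the document reader that opened the sample.
READER_IMAGES = {"acrord32.exe"}


@dataclass(frozen=True)
class RegistryEvent:
    pid: int
    process: str  # image name as the sandbox reports it
    action: str   # e.g. "Key opened"
    key: str


@dataclass(frozen=True)
class Finding:
    technique: str
    pid: int
    process: str
    key: str
    confidence: str  # "low" or "medium"


def triage_registry_events(events: Iterable[RegistryEvent],
                           reader_pids: Set[int]) -> List[Finding]:
    """Map NLS Language/Locale key accesses to T1614.001 with a confidence label.

    A hit from the reader process itself is rated "low" (a viewer reading the
    system locale is normal). A hit from any other process, for example a child
    the reader spawned, is rated "medium".
    """
    findings: List[Finding] = []
    for ev in events:
        if not NLS_KEY_RE.match(ev.key):
            continue
        is_reader = ev.process.lower() in READER_IMAGES and ev.pid in reader_pids
        findings.append(Finding(TECHNIQUE_ID, ev.pid, ev.process, ev.key,
                                "low" if is_reader else "medium"))
    return findings


def max_confidence(findings: Iterable[Finding]) -> str:
    """Roll the per-event ratings up to a single verdict for the run."""
    order = {"none": 0, "low": 1, "medium": 2}
    worst = "none"
    for f in findings:
        if order[f.confidence] > order[worst]:
            worst = f.confidence
    return worst


# Constructed sample input: event 1 mirrors the report's IoC, events 2 and 3
# are invented for illustration (cmd.exe does not appear in the report).
SAMPLE_EVENTS = [
    RegistryEvent(2648, "AcroRd32.exe", "Key opened",
                  r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"),
    RegistryEvent(2648, "AcroRd32.exe", "Key opened",
                  r"\REGISTRY\MACHINE\SOFTWARE\Adobe\Acrobat Reader\9.0"),
    RegistryEvent(3100, "cmd.exe", "Key opened",
                  r"\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\NLS\Locale"),
]

if __name__ == "__main__":
    findings = triage_registry_events(SAMPLE_EVENTS, reader_pids={2648})
    for f in findings:
        print(f"{f.technique} pid={f.pid} {f.process} [{f.confidence}] {f.key}")
    print("verdict:", max_confidence(findings))
```

Run against only the report's own event the verdict is "low", which is the honest reading of this signature hit: locale discovery by the reader, no child process, no network activity.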
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 9fc9d11c561fc72ec93d21b8d29768f3
SHA1: 192d3d171466f8dfcdfb82cd5defdffe7c10c84a
SHA256: c1ae80aad3f4ed8f99e5ddbbfbbf22a74dcd7c71db9d369d2f486e249a7413a5
SHA512: 8461306bd877eb71c998054248c76cce6488dbcf325c28d3ab414e3733b6cc1c01adf5333aa39593d7fb8eb0247649eee94650dbe7e5fdab23d98638a21cf54f