Analysis
max time kernel: 95s
max time network: 17s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 19/11/2024, 10:58
Behavioral task behavioral1
Sample: fa645d258ede390ad8b134ae3b69414fa8e25b19224e255278c637e5c17c46b7N.pdf
Resource: win7-20240903-en
Behavioral task behavioral2
Sample: fa645d258ede390ad8b134ae3b69414fa8e25b19224e255278c637e5c17c46b7N.pdf
Resource: win10v2004-20241007-en
General
Target: fa645d258ede390ad8b134ae3b69414fa8e25b19224e255278c637e5c17c46b7N.pdf
Size: 509KB
MD5: e6cd8e4feab82f94267878c088baa270
SHA1: 71cc97b7333ebb641cdde1ab7bec5a8e62744a79
SHA256: fa645d258ede390ad8b134ae3b69414fa8e25b19224e255278c637e5c17c46b7
SHA512: 0374177f88704c28c201aa30100cfb9d3b77f389f57dc2e961eeb81a535ee6463b86338a4054514c6565deb6099f9083b24236cc4c44b48d08c4ff7865db32a6
SSDEEP: 12288:kCV77eMiTRrS7eMiTRrGTcUubT3iZYzLs:kCV7MTIMTwAz/6
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 3056; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 3056; Process: AcroRd32.exe (3 occurrences)
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fa645d258ede390ad8b134ae3b69414fa8e25b19224e255278c637e5c17c46b7N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 3056
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: ae176bfe63a572c791ce224fd5b922f0
SHA1: 99dcb0a6faf3755518b1f5e619b99f061243c42b
SHA256: cfe46cda613fbbb2c0f11f1e1a1153bd5a80f2b56a0dffd195328f5504895a31
SHA512: 0ae52234c383cc5e267ee2a977da607ad4d4cdd86a10447361052b0f11a85e3930bb34b90f94ba1ca082ebadf0567f6bda9ff7c7b85a946fed8deb8f3cac2a25