Analysis
-
max time kernel
95s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
19/11/2024, 11:17
General
-
Target
54e6d2e258c7f2b6586fe13f78f44d18bda95acf8654da2c6e2e2cbf53d1f42cN.pdf
-
Size
359KB
-
MD5
3ddf97ceb49219d6d48d585e6338c7b0
-
SHA1
3633f1a29f317c332857d7392137732d7088e116
-
SHA256
54e6d2e258c7f2b6586fe13f78f44d18bda95acf8654da2c6e2e2cbf53d1f42c
-
SHA512
d5d5d202261fde3bd41fb8df27bfcad5c938ef2fb726dd22315bf86e2cf566b3e146b24f9ae8492e36509527b1f392da745c94ac69b1fe7d4b86872b7b137644
-
SSDEEP
6144:GeEr3NteaM6IO+H6PQteaM6IO+H6P4UuSc4p9b5k/c8jdViLsC80k3ZqnFJDVLBT:GVHGyUGy4b/RjdVi4C80kJOJxLBc3Olp
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\54e6d2e258c7f2b6586fe13f78f44d18bda95acf8654da2c6e2e2cbf53d1f42cN.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD521c4188f35de4e580993402d1b263169
SHA1fa0348880a7eeaa6f7eb732bc6b960ecbd17c999
SHA256d46635a8ce8f3c692a8e4f40a682b0f0fbc48fddb17f03b95fc55bc6dc7cc20f
SHA512cd04ebd1a14a7a35214feab3a2f8e8810e590e3f014422ad59f4c275e4c0dd8ab1fd6906ad7dfda6218c92adfe533673a38e962cbf3c9518fb60e018d54c5e63