Analysis
max time kernel: 96s
max time network: 19s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 19/11/2024, 12:51
Behavioral task: behavioral1
Sample: 3f2819ec8446ed20afe2be609555317bd9cdf51458fb3dd8c8eeec34d654b240N.pdf
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 3f2819ec8446ed20afe2be609555317bd9cdf51458fb3dd8c8eeec34d654b240N.pdf
Resource: win10v2004-20241007-en
General
Target: 3f2819ec8446ed20afe2be609555317bd9cdf51458fb3dd8c8eeec34d654b240N.pdf
Size: 502KB
MD5: a83c8760581dc9ca4160aad13cbd3870
SHA1: 8b2384551496751d20f595f89d8822e8fb369075
SHA256: 3f2819ec8446ed20afe2be609555317bd9cdf51458fb3dd8c8eeec34d654b240
SHA512: 2bfef64e388c1b42ef47d66348ba2686fc051a68efa3175d0a44f1ae4d883de775cdf9563dbf147a6abfbe3d0f10d3223ada3692e21cfa28a7700ce4d031610e
SSDEEP: 6144:2UMaXlYeMiAiO/cZXrQ9xaXlYeMiAiO/cZXrQ9bTsJq4U/WWu1TFwOiysQVpdTAq:JM7eMiTRrw7eMiTRrqTcUubT3iZYzL5
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2344; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2344; Process: AcroRd32.exe
pid: 2344; Process: AcroRd32.exe
pid: 2344; Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3f2819ec8446ed20afe2be609555317bd9cdf51458fb3dd8c8eeec34d654b240N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2344
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: ffca9f4dd5f31bedf892a43cc02bf418
SHA1: 9701a778901314abf00ca2af1cf146e0e805854f
SHA256: 0d225f524570ef93fea150cddb4025e696ea2e933ffe5801aa9443ab777c7811
SHA512: cdb46d1b96eb7debbec6f67575423f045bdf87b1123472a45a1d2de24c26d370329bddb791e770a26081e5bae5b4f0a001aa866de2a3ed59b9567f6086318864