Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20240903-en
- resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- submitted: 19/11/2024, 13:44
Behavioral task: behavioral1
- Sample: DAE_50102.pdf
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: DAE_50102.pdf
- Resource: win10v2004-20241007-en
General
- Target: DAE_50102.pdf
- Size: 101KB
- MD5: e74a3173437524a646e76aa4f6ef8cb8
- SHA1: 31e55cda2edf87d483a8b733581724b5372461fe
- SHA256: dcb5ed7433011d270793f4146e25c6626e93540f823f7466d3542e38da47fd63
- SHA512: e0df9553cc5a0e0c398601418774b2f690594d8aace9984568d609e4ff1bbb33010f8ed340bfc02bf1d71b871f61588e8af4512581e63d38f7851041ac64b013
- SSDEEP: 3072:rvILBQRNTLV7NTE5Uo6gt5XqKS0DmtYMDNA9w3JL:rQOl7y5UoznkqmC45L
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description | ioc | Process
  Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid | Process
  2872 | AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid | Process
  2872 | AcroRd32.exe
  2872 | AcroRd32.exe
  2872 | AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\DAE_50102.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2872
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
- MD5: 5bbb14e81403fc3db4c132fe13bee8f6
- SHA1: 35da34e9ebe7e383d311640f86dd6b31ce35d009
- SHA256: 08ca5e8ecde325f1fd14ad0d3565b8d77a40cf6864e395eb76e595f19735d8f3
- SHA512: 3c51df8086efb99464ee76187c0753b285ffddff3de6b21eb344567895e44a4ff07cccefd666c12981e479a78e87a9bdf113155208409dacf358e30d268a29f5