Analysis
-
max time kernel
96s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
19/11/2024, 13:47
General
-
Target
e38926b4867ec920aff43447c22c09274b1fc068204fcf63ad4eb69ba3b77f1dN.pdf
-
Size
344KB
-
MD5
571d3204d19149f5467b345a695efd10
-
SHA1
90b4a70b9e15fce46a4bf0d18873c267413679fe
-
SHA256
e38926b4867ec920aff43447c22c09274b1fc068204fcf63ad4eb69ba3b77f1d
-
SHA512
1d2a713550efbcf13606261ca23f60bf1a49d30bf033bd94f40d178d43b6ce753ca1b2e50ca85d0f8ea69488fc3de75a2f38f6d9f22e1475a1b87ce4e0378863
-
SSDEEP
6144:eVteaM6IO+H6PMteaM6IO+H6PiUuSc4p9b5k/c8jdViLsC80k3ZqnFJDVLBc3OlC:e7GyIGyib/RjdVi4C80kJOJxLBc3OlZ0
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e38926b4867ec920aff43447c22c09274b1fc068204fcf63ad4eb69ba3b77f1dN.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5849749512750e8591a36609dbee29d62
SHA16df070713ad7a13990cad18b80f565f60b0cf5db
SHA256c3f63a26b1457622d1f1cbbc5a7db99f03b9d5370747224b3ff6982c9d33204d
SHA512c25084ab0ce1c9971ec1f39e9ac40af9052de6f0cd5155cb78c819c24b4eaad28e0effefe0e16fbb5efc088769f80187b3630e7b4cf9048b3a582d0ca39793ce