Analysis
max time kernel: 122s
max time network: 127s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 19/11/2024, 13:53
Behavioral task: behavioral1
Sample: DAE_817573.pdf
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: DAE_817573.pdf
Resource: win10v2004-20241007-en
General
Target: DAE_817573.pdf
Size: 101KB
MD5: e64113b9b6ff20b7ee61fc95fa2723a7
SHA1: c730b39ec1016762b1d954ad7a6d3eec67d08e80
SHA256: db08afa2d122e6e645b72736041b8f00c44508711692a223782ffbcdda72a8de
SHA512: cbb90184c34a15ecc80a36db194497605ac32aeb22c56e85f03489a1cad870cf9bb95105afb2cbb61d0f22db838b0142789d6c3101ee1b0230f772957c51d261
SSDEEP: 3072:6kvILBQRNTLV7NTE5Uo6gt5XqKS0DmtYMDNA9w3Js:6kQOl7y5UoznkqmC45s
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2380; Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2380; Process: AcroRd32.exe (listed 3 times)
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\DAE_817573.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2380
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: dbb2c0370ea4fda04ab2c4bb34cf0a28
SHA1: aae8a51496359baa23cdbb710b74c8d1806c79d0
SHA256: 53021b7649f3aeea3aa5d5ec5f009d9701407d6e3a9c350c2984cf5fbbda712b
SHA512: a87a3ba9843e0d666072014debac4d2a5cb46772cf2018627e3d71215c09b5565839cdf5d6f843970e4bf44a8170ecbc7872f0ce78f6d09ebf8acc6e16baa49b