Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
19/11/2024, 15:31
General
-
Target
TCEQ VOE.pdf
-
Size
271KB
-
MD5
3e19b1c353519eb8f7e83a4254c3b0aa
-
SHA1
b7ee84854602e3740e5fe1e256abaf2b8ff51269
-
SHA256
b1916c4e7ddbbdf455178aadb6d60e6dd52aa0ac8ff631df39882c971c474bfa
-
SHA512
f88f078d7c3603b2aed5744114cfed72d81720f6a8fee820874d324414813fab2034be747c14d8d46988249cc4be1ea1c54c9996254ef9816a6136ea01d5c60d
-
SSDEEP
6144:9+1jOa41B1n8VRhHmwpP0crYAZaneE10QZXaqVepjlqgp0E7xqU:9+pX02H/ZBUA8ekK1FlqgPD
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\TCEQ VOE.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD503204384953cf82842efca831a29f1bd
SHA1cc8227e4d03a84b78e295b793ac9bc9749617866
SHA256326585f31a3a68e3c3aeb25ffaae737363f471864bbf748a738db0da0f0d1a76
SHA512d85646b3d90034f7f409af3260cb0aa87b63ecd8965ffd830cebb521f42ed44fef0e6ccf0a5a195a3639877e3d1e1a7c4089da8e93abb2063845aa39fdbd309b