Analysis

- Max time kernel: 118s
- Max time network: 120s
- Platform: windows7_x64
- Resource: win7-20240903-en
- Resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
- Submitted: 19/11/2024, 16:45

Static task: static1

Behavioral task: behavioral1
- Sample: 7c41e5a9795c3f7914730b34d5bdcc160e4827850684a04ae3c31c053ba6581cN.pdf
- Resource: win7-20240903-en

Behavioral task: behavioral2
- Sample: 7c41e5a9795c3f7914730b34d5bdcc160e4827850684a04ae3c31c053ba6581cN.pdf
- Resource: win10v2004-20241007-en
General

- Target: 7c41e5a9795c3f7914730b34d5bdcc160e4827850684a04ae3c31c053ba6581cN.pdf
- Size: 7.3MB
- MD5: 8e4c5de5df446742cb08ba5557a4c560
- SHA1: 0c9dd6e4a7efdabd1d9a55fdad2247cb5a1f026c
- SHA256: 7c41e5a9795c3f7914730b34d5bdcc160e4827850684a04ae3c31c053ba6581c
- SHA512: a4c48dfc2c22350cad4011d15410ec1464a531b21a3095bf951f0f59752a86afca2c2fa99a22290b3c0a63f66705f58aa470e915a2ccb6ff7ddea906d8fe3ddc
- SSDEEP: 98304:bZUQM13waSfTjs0WL4dMvPKOqKC6IrhsaFrkOMg0iA/XzjMDR/n2+5s2bLOKS7FR:6gffJWqtLyaFrUgI/Xz8n2KySvx+rFzh
Malware Config

Signatures

- System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  Description: Key opened; IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  PID 2652, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  PID 2652, process AcroRd32.exe (all three IoCs from the same process)
Processes

- Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\7c41e5a9795c3f7914730b34d5bdcc160e4827850684a04ae3c31c053ba6581cN.pdf"
  PID: 2652
  Signatures: System Location Discovery: System Language Discovery; Suspicious behavior: GetForegroundWindowSpam; Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads

- Filesize: 3KB
- MD5: 596b01529a9082546a749e5fe00b897b
- SHA1: 494e257a89a9ad5bab736390ca9db0404a359a15
- SHA256: 23ce1f1453cfb0a864e68fd0b773680575be48238badf36c0aea31fecee228d9
- SHA512: e3f2b7ae164ad62e9658227db548d17d1198a694cf7a5eea624e044f1557841f866d67fd95d3d88250f2c5964a605624f4b6e569d7ddea16cf09a8fb19a4cb83