Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 19/11/2024, 18:03
Behavioral task behavioral1
Sample: da451c1311fa41acc40d9794174ddbe159b7076f2c628195d16003a96532fb99N.pdf
Resource: win7-20240903-en
Behavioral task behavioral2
Sample: da451c1311fa41acc40d9794174ddbe159b7076f2c628195d16003a96532fb99N.pdf
Resource: win10v2004-20241007-en
General
Target: da451c1311fa41acc40d9794174ddbe159b7076f2c628195d16003a96532fb99N.pdf
Size: 368KB
MD5: 917c2ea5cf7113cbd65f5dfac4c051e0
SHA1: 30cc6f85391557ab07241073a46348d6283325e8
SHA256: da451c1311fa41acc40d9794174ddbe159b7076f2c628195d16003a96532fb99
SHA512: 07c561a14e7ab7348515f01d0df949fd5c019fdb68b803bd7ebe51b9fc1d250f391b4bbcad4f1b028169ead5eab74293ca5f9f9422e156dd5ef5cf509cc8a141
SSDEEP: 6144:DUoxaXlYeMiAiO/cZXrQ9ATsJq4U/WWu1TFwOiysQVpdTA/itim:Qox7eMiTRrnTcUubT3iZYzLf
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description   ioc                                                         Process
Key opened    \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language  AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid   Process
2056  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
2056  AcroRd32.exe
2056  AcroRd32.exe
2056  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\da451c1311fa41acc40d9794174ddbe159b7076f2c628195d16003a96532fb99N.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2056
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: ee66b8e1b37a3a76375dc27d8355d77a
SHA1: 33004f169a290d91c1dd32547ede1b981d86972a
SHA256: 4d6117f17f322ac4ec330d83449b0386302273e3fd1521407d9c8e5ff003f8d6
SHA512: ab06dcbff10ecfdb7d95e0567399c98eacf7cb7eb9960b83f0fb7557692a569f9b66d52b68e85517b2009703b5082fcb2c3239caf765c8f9c70aad21faf4fd09