Analysis
-
max time kernel
94s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
19/11/2024, 18:17
General
-
Target
b8b73e658053161d9cb45a5fa3b69c8410a51dd655f6d665494f74a61a5fe931N.pdf
-
Size
511KB
-
MD5
0e2cefde02b11aeea01a55e0584c33a0
-
SHA1
e0ceaafdeb852f30332715d277d0e49701a3ed8b
-
SHA256
b8b73e658053161d9cb45a5fa3b69c8410a51dd655f6d665494f74a61a5fe931
-
SHA512
b51fd846f31a1859bf572be37f6357c874f24a5e0a012608930433c71f58d62d1359f5be0cbfa3c99decc65690a50b0b2a284f62c26ddb028010f10d9586734c
-
SSDEEP
6144:83ZqnaXlYeMiAiO/cZXrQ9zaXlYeMiAiO/cZXrQ91TsJq4U/WWu1TFwOiysQVpd2:807eMiTRrS7eMiTRrUTcUubT3iZYzLC
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b8b73e658053161d9cb45a5fa3b69c8410a51dd655f6d665494f74a61a5fe931N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5c9f37260fda2a6eefb3deb1c9b0b8357
SHA112ac2ca004406176b3dab836cd2f3105ff79c83c
SHA2566843241ef5aaef73536579ada12fae322df7084ad496a6119c4689f59482ff6f
SHA51216e31bf0f22ca1d9df3f21f8407d546ab34d5de2dd25e318fa6ee1d645a1db725b979f26868531cd2e23406eb7e3f08794b7b5472fb576c4a6c04be259cbb8a5