Analysis
-
max time kernel
94s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
19/11/2024, 18:20
General
-
Target
403a3e9693bdfd7ddeb04f6204b3e8b32ca02ff1b2060cffe4363e1f55862517N.pdf
-
Size
384KB
-
MD5
d0040effa00dd78f46ef881913931920
-
SHA1
3901f9689e37441daebf40033177643a15fe2462
-
SHA256
403a3e9693bdfd7ddeb04f6204b3e8b32ca02ff1b2060cffe4363e1f55862517
-
SHA512
bb69be3fd4adb6dd86fa69c31a1c78bf814168f4f67e2c9cece47b365cdffbe8dd67bc842adf29229d3be2d74410c427559b659edc547e42ed3fc93e99c825b0
-
SSDEEP
6144:pgnaXlYeMiAiO/cZXrQ9YTsJq4U/WWu1TFwOiysQVpdTA/iti+:I7eMiTRrzTcUubT3iZYzL5
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\403a3e9693bdfd7ddeb04f6204b3e8b32ca02ff1b2060cffe4363e1f55862517N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD58d8cdc90588d0446766bba1265012a32
SHA1675266a53ef848e7d047d8f59d754d709e8d3b97
SHA256b1a7f9d9184976a361226ffc44e1fc85a587d45e3fe88facd071d8a4bbbe4441
SHA5124860953094dca73d8eab9fda4b431b288669c13273d6cb0251fdc7930bd302a6de30c7b055da6032c435ba88499f4374e7a7f4959c141fe4eb62c71422c72ca6