Analysis
Max time kernel: 117s
Max time network: 119s
Platform: windows7_x64
Resource: win7-20240903-en
Resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
Submitted: 19-11-2024 18:52
Behavioral task: behavioral1
Sample: fv08002469850002400026260.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fv08002469850002400026260.pdf
Resource: win10v2004-20241007-en
General
Target: fv08002469850002400026260.pdf
Size: 95KB
MD5: 62071fcad8d8a98b0b90add77479c706
SHA1: dd2878489de46df7c8b65dcfc4b9afd3ab7e9ae5
SHA256: b97b920a8e70f3008bcf88ca81fca946eb1efe0d4d1c252d559c0dc2d65f8c28
SHA512: 28be53ead01c7d212b618395beb619f715a445dee00ffe8c64cfa2a23eda01704fdc0429551edca2ce41181b7a44b6f6fd67c75f51c9d28bf9b1106d864fc779
SSDEEP: 1536:jaxcmozabA0MIfuhM2W78idbUo/l4HvXMeIZvv/cfqn2yL1q8D:A4cX2m2W78Nf8FHcfo4S
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
  description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes:
  pid: 2780 | process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes:
  pid: 2780 | process: AcroRd32.exe
  pid: 2780 | process: AcroRd32.exe
  pid: 2780 | process: AcroRd32.exe
Processes
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fv08002469850002400026260.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
PID: 2780
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: faa09eb82960fb356829d491d8a3214f
SHA1: fd7c0e977325e1d7204878db0c55f2a879206aa0
SHA256: 0e9af93ec599e8e1a4e34b6c911bdaec9c14ca2a65aa3e743575573edb356bea
SHA512: 1e13914668337e4f9ac2f720bd1b012b18e1911d0e52eb4b98cbd3ee0fad2fe950ff11eea4f50b45b908e0bc13ec854064f7ebaab6ac9484a3fe280e3cbf3c2d