Analysis
max time kernel: 95s
max time network: 18s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 20/11/2024, 05:39
Behavioral task: behavioral1
Sample: 6c2831fad04b06e0527247063a2f8903ed8c84862931a98fd749ed985de7a7adN.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 6c2831fad04b06e0527247063a2f8903ed8c84862931a98fd749ed985de7a7adN.pdf
Resource: win10v2004-20241007-en
General
Target: 6c2831fad04b06e0527247063a2f8903ed8c84862931a98fd749ed985de7a7adN.pdf
Size: 362KB
MD5: c2889344406d05a19a9208407b04ed50
SHA1: 23955cfe6c3ec3ca2752dabdc5c7f8a9b59ceb43
SHA256: 6c2831fad04b06e0527247063a2f8903ed8c84862931a98fd749ed985de7a7ad
SHA512: 99a9c8c883e41f5ac95393bc2a3215b22c0cc82a856e41e67c2a8db720f56bd3d6a0dffeee8b9379cf5359755ed3f54dae5c00c53d7e3ecf654f589e41effb59
SSDEEP: 6144:eQaXlYeMiAiO/cZXrQ9hTsJq4U/WWu1TFwOiysQVpdTA/itiE:eQ7eMiTRr4TcUubT3iZYzLJ
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2292 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2292 | Process: AcroRd32.exe
pid: 2292 | Process: AcroRd32.exe
pid: 2292 | Process: AcroRd32.exe
Processes
Process: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6c2831fad04b06e0527247063a2f8903ed8c84862931a98fd749ed985de7a7adN.pdf"
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2292
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 58e0997235a03235738f570eeb69d3db
SHA1: 7961d9b7d0d6f7911b5027acbdb5ed268a2f4065
SHA256: ad6c2466f25790ad54873a73af6caa3f233a309e16bfe4a48046dc5a1d91b061
SHA512: 5f6fe93f47e69122ee7ba4e23f6fb910dd42551084293aaedf38737c5e8e2009e446ae68c3196fb471561e8afdb558293805c75e1cad2c466ab9710a947f272c