Analysis
-
max time kernel
94s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
20-11-2024 18:08
General
-
Target
Screenshot (16).pdf
-
Size
28KB
-
MD5
a3f5093fdb3608d4ddeba58ebc0fc337
-
SHA1
52356be3995cd1b48b362e2503b491f8b7ecfb94
-
SHA256
566ecb1b1430d4e6aae55b5fdcc8d4061f39c5db055ccd9e19bd583da1a44a6d
-
SHA512
9e91be3dcfb835a58ca939d487e0d6355bf57f630129a6c7b86ad07178470d64bd47c8e67d142ca720aded320b74ec29fc2a9f05a0325fa1ffc6f4b567b8b4db
-
SSDEEP
768:F9+2C3ELvhFeMwbWIHAEwtT6DrmrisTbyuyC06leNWy7ljen13xXck:dheLbWQb4T6DirPTb+CcNWyJjwxMk
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Screenshot (16).pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5979b062f78813cc294c91f069b8b8afc
SHA146a07e8db898f011b1bfbd46d859515344cd165b
SHA2564a383e83728749bc7b8217192f96ca4204f14a02bc88ec232074255d3f1f66ee
SHA512a1d73c9c73f8ce32001824757cecd8593ecd6d8c03b9c814ff5e633733fb8a0d700c93f1b76f33b2d7ea4592044c397896038f50ea15162425b38a756843c52b