Analysis
max time kernel: 118s
max time network: 122s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 20-11-2024 19:42
Behavioral task: behavioral1
Sample: At-Bay-2024-InsurSec-Rankings-Report.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: At-Bay-2024-InsurSec-Rankings-Report.pdf
Resource: win10v2004-20241007-en
General
Target: At-Bay-2024-InsurSec-Rankings-Report.pdf
Size: 766KB
MD5: 2411741bfb2195d79a123aaec2ee0b42
SHA1: 628f4655ae081368015208e8529b2f1e9ce28f50
SHA256: 3f247ff5d1af29559c731693b84d3a02b55bc2d7eac6738abc0989e0e1c1ff54
SHA512: fc6bc37249c58096941f66c96d29515f39803785650ccafd909253437d9bd593d6c2e6f166d1aaf72b40ff7900b75e02f7481445389fbe4edfa7f320f11b141f
SSDEEP: 6144:B5TPxX1WwOwyiI4mG2kfEjYYzUaAEydcK95uEcIcr0967M3ujwDbSFHycTY0nGzX:/PxcGpBEjJ0EydRi06AujwDb0S6YR5w0
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
  description    ioc                                                           process
  Key opened     \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language   AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
Processes:
  pid    process
  2652   AcroRd32.exe
Suspicious use of SetWindowsHookEx (5 IoCs)
Processes:
  pid    process
  2652   AcroRd32.exe
  2652   AcroRd32.exe
  2652   AcroRd32.exe
  2652   AcroRd32.exe
  2652   AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\At-Bay-2024-InsurSec-Rankings-Report.pdf"
  PID: 2652
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 093a6cfb4288a8ef992d757fd34a8a2d
SHA1: 923808193880a90561b42b885a19603c7421010f
SHA256: c2637f8014b3a853bc37f51dccb8bb40a8798d20335377465e16c7d16390a7e5
SHA512: d5606b8da2e46b279e309ff780699c05408cb8b40f088717523d6884da107bad9493968877a0e8c81a56ae1044f5a27f0fdd0c5b04c76965ee92704045eaadaf