Analysis

  • max time kernel
    95s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system
  • submitted
    21/11/2024, 07:28

General

  • Target

    PanoramaStudio Manual.pdf

  • Size

    5.4MB

  • MD5

    8a53abee886712a4c41f77ccbdae7263

  • SHA1

    dd5a28d031162d3c6e9e4c8f836a67cc15fcbc62

  • SHA256

    66fe91fba3747d53133575691b7c21b88bce2bad2e98b0a78ae6f58955e78b3a

  • SHA512

    3b3d1be6433c6b32843f1df70b28ddb6af3e2ab4bd0a6f3fe99269b8c7968cb50b7054aff6185caf392322a8264f309957c4e52ce0cdb4c45d4b44d4179b6c38

  • SSDEEP

    98304:WMQR94PPF2s4v3hRQ3teLGs4K2ktZ1UwClhsJ/iqV0AnbA29+eqB:Bq9m4sCxRwteLgKT/0lw/3VpA29+fB

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\PanoramaStudio Manual.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2780

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d3a5ace527b90880524c9129a849e769

    SHA1

    84559ad8f33bca1509c6680d8388fdee0b271b65

    SHA256

    a6996fc45c9b8d6a6ef098a20413685bedd29135506abaac8649028ef00c0cee

    SHA512

    a0610f3bce203c1f718f49d2134a686a2f2e9541efcc358a4560b3e6e1dcd6c1240be198e636f819414a6ec688d2a71ad5639c94fba0ca4cd77ddd3f2dfe3882