Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
21/11/2024, 09:45
General
-
Target
combinepdf.pdf
-
Size
934KB
-
MD5
01b495de0bb7560d839eacd83cb8b1bd
-
SHA1
f1de8bb1cac5b9bad304c983d554d4cb5e2025fe
-
SHA256
3533bf5c2323130451e294cef667375f90c165771348be16a7fa29b0502b4905
-
SHA512
5e9713447ba93bb6285a804748351fb40d31c93a236b0a27a8a6e53d60bed2ea0d94d9b1439d3121825af3ed417d4ae820a8bfbef2e90ba48ff94e55def04fcc
-
SSDEEP
12288:nqMxdsvNK9sOp9bz5XExBHGv0vRPJfUKPAA21vute5/mgXXX1Lik9agHXa1KhNa+:qMDiNcsM9AwSeKl2tn4AahfE
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\combinepdf.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD531b91e111a21eca7d12f60ad4cfed72b
SHA14ba4fea9257f7ce15007ff42213236db5c80af9c
SHA256b710be7f7932ce9db1a1a3e0fdeef6ee0c100557f032682d16d7d8e6cc30fd30
SHA512643f8f7e2d61f228c8c73d2126daff5b8c41996a24022b915e834ca2a3edd2f36dca4f6d8f4da86442649a8876b6d876dfb59b385befe3ea813004425a71db30