Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
21-11-2024 14:13
General
-
Target
02062026_ADD_NAEMA East Meets West Meeting.pdf
-
Size
164KB
-
MD5
ca9b3d59a7481bb457a7de4a984a2857
-
SHA1
bc1236f9c3c7dc4b25d1c57db96a51401a5dd7df
-
SHA256
a2932af3eec95dfc51a4f1dccf9d44678cd72566b45644e9c0c2cec9dd156a7d
-
SHA512
e75aa3a44cc7d164bb13aac58d38ef7ae2ddf01107b4b46f27e3aacdc6d8885e0bfb079132c92dc3cb90efc79b4dbbe97dc28db5671176d4f4911675d6ded6ba
-
SSDEEP
3072:n3fNxtVVz6OXEn6fG3gs+lajs0SAtZCIC3bvqXGxZv:3fLp64EnAGwdlqSAXCJ3beGn
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\02062026_ADD_NAEMA East Meets West Meeting.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5916ea63266715cc1b3325b7f9ce0cf31
SHA161cb290ce0cf480b1e406207678c27e10979b644
SHA2560d9cc3d96b417f761468ac3bb2451080ae943a310cf6100ab3aef9849ab5be6d
SHA512582f95b5b0d72d1e878a4acabf8a87ce4618c8f1b195ef2f907f8c900fa1dab41c8f7ad908cdae2d479ccc972984987d5892d0b24f1c6ceb58ea5329fe0c850e