Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
07-12-2024 12:34
General
-
Target
1.pdf
-
Size
440KB
-
MD5
3d9eac971f137be62cf48e5c0a6c778c
-
SHA1
35d849fbddcf435f71aeefece7c7b88588e0230c
-
SHA256
ea696eed58a170e9fec62d87a36740859255b2b9ed9627e2d8f47b492091a8c7
-
SHA512
397472e1a74cb1652f72154cf18410c6bcfb35839702c7fee3e3b685ebec62ac0b48097fcf3ac1c222df5826e628d84128eebe16838b50222fdddeb92512a3ec
-
SSDEEP
6144:SyZ/lbfMG+x3sTZ0Dvw5EDnGQcwI0ltK8ZEq6fWTq2ky3hPty2eHMQU8RJVCF:SU/5J+x8TC4YGLwBEpC3hPfZUaF
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5adf14f83931fff51fd020f27dce851d9
SHA1b750f268c2b3a10134fe7c5a35459fba9133bb89
SHA2560d57833c06f42b718ebbb95c576a8c24c248920e56c96b124a6ef93cc2e87c95
SHA51255aa4e3ae94fbaed55803e06fa894666a932cd2d49f7416caa87b6d1a4283a1db4256e8abd048c6151f08c24a6725164106a638c76455ef1b62982d111a97501