Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-12-2024 14:08

General

  • Target

    ZAWAJ/القائمة 4.pdf

  • Size

    582KB

  • MD5

    29a41d132d60c7b2cb36a8e03d57f6a3

  • SHA1

    b4868c666b16261f2332a11ad007a65dc2baf69b

  • SHA256

    4b842a672aacb5a51222c7d4e598891a40886bfb944296e733ea429a9e14a1f8

  • SHA512

    0e21f490e4f76d1fcafb105b6a04b824a44621f868822e5e3a23d280404ac6d42b57ee699d4241cb70572bd2293037384bad242b8b3b157893c1e2d50da47112

  • SSDEEP

    12288:c3ueGaZpBL9dnpHFU2aYT5m5DXrk7Ve1YArw8F:YuqZpBLY2mpJ1prZF

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ZAWAJ\القائمة 4.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2736

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b90e1d1c52f7fcbd6358596093d00a06

    SHA1

    948941a083db86861dbe37807baae655c316c9d9

    SHA256

    5f2ee61c2ae33b23e90a7a50a3a84c354ab4a3e50018b76052233c24e5632e2d

    SHA512

    48f1c02c4f078a1b963ea33711ab9f841c5ae22d130928b0e61316b8bdf0a69c26be2884fcb8c15c6fedfe8159f9c06973dff929d68ab825c8b475cc56ef132e