Analysis
max time kernel: 47s
max time network: 17s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 13/03/2025, 07:50
Behavioral task
behavioral1
Sample
970857_d_adm_coralis_Reorient.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
970857_d_adm_coralis_Reorient.pdf
Resource
win10v2004-20250217-en
General
Target: 970857_d_adm_coralis_Reorient.pdf
Size: 1.5MB
MD5: 86c935b53f32efa82c216d184ed85c06
SHA1: a37789a87966bffe137836aa9276984acca40382
SHA256: 6c5b19b76f07d9e7e0b7ea6f5c5302b8f3e219fce35ff7299cd77dfbc8faf103
SHA512: cbe07717c2040341247e17ca57734d76a15b029da712987214728c2548d74427c59b7478d53935f1f3a18a3d535c24a83355d6ab33dc00a6012cfa068e9c2e90
SSDEEP: 24576:gYpKK1EntiuKp45cOTo1BPE7hMbudjTcwyPZRKrtJvtdkl0h:DpQiB2Z487ybcncBK5Jvbkl0h
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid   Process
2184  AcroRd32.exe
2184  AcroRd32.exe
2184  AcroRd32.exe
2184  AcroRd32.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 075a47099ca03109cd494fd943f45fae
SHA1: 6dce3c43ec634349c8fe3775465e00ea36b3526f
SHA256: 854804d08c13e914fa7ad6298ba2e0b6c9d6b989573c5b4984072443d2018e0b
SHA512: 0ff48d9f85d97be0f4fa62cfbd47dd5b28d9e197ab580fcb33d15cf67730b8e06acfea2cf1be5d57bc739aa95d5a86dfc016d5e5eda7a33165c2c882343160cf