Analysis
max time kernel: 94s
max time network: 17s
platform: windows7_x64
resource: win7-20240729-en
resource tags: arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
submitted: 18/03/2025, 02:42
Behavioral task: behavioral1
Sample: 4dc9b0c20ea61d91d6a1b5bdce76fb5365de0762efb8f6c2925113c6a8950cae.pdf
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 4dc9b0c20ea61d91d6a1b5bdce76fb5365de0762efb8f6c2925113c6a8950cae.pdf
Resource: win10v2004-20250314-en
General
Target: 4dc9b0c20ea61d91d6a1b5bdce76fb5365de0762efb8f6c2925113c6a8950cae.pdf
Size: 211KB
MD5: 930fc7badacf1a19816a97775662ae54
SHA1: d950e144b4c5a3eaacd2d9ed22b4c63264f70426
SHA256: 4dc9b0c20ea61d91d6a1b5bdce76fb5365de0762efb8f6c2925113c6a8950cae
SHA512: 585d5d16ed27e2e647d94bb7ce053ea4cb73c40a1ccad7502cb71d066b82fc17b605d23c2d04e25521e1785471a3fa678e26caee8d1075f271f69268042236e6
SSDEEP: 6144:BahViqwtQgMGSsMoca/wuLQY7tXirGLz6VMgt:Be2QOSsPJPLQY7krGazt
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2668
Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2668, Process: AcroRd32.exe
pid: 2668, Process: AcroRd32.exe
pid: 2668, Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4dc9b0c20ea61d91d6a1b5bdce76fb5365de0762efb8f6c2925113c6a8950cae.pdf"
PID: 2668
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 7944c3831c5ae876c4de6b782b9ec6a5
SHA1: 42fbbe5008578e6166d5ea5b2fbf3a7881c2f6a3
SHA256: dbcc1fff526c782efae03d0e77879b6816246b4c783c811eef9a2c58cb97b853
SHA512: 8fe27cf060cb846c21972b65d8257e1b4a3db5e49b3fb3bba3581ffa77e73cf21bbfa7f0993b2200bb75d2ff28a636aa62b96c78a27a3fc57305cdd140104b9e