Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    25/03/2025, 21:11

General

  • Target

    Mihály Levente_Tartalmi kivonat_2017.pdf

  • Size

    393KB

  • MD5

    0c45e66bfc426204973a46d445390cba

  • SHA1

    dc19b9cdd3f6610e4b9aa6dbf98f9d4005a94d47

  • SHA256

    06abc5656494da7c43fecd8f35fe21d9ea20663e7639717e8adf631ee3c15207

  • SHA512

    2d0de5d667829a1b72331c532b4f38fedae33f99f35e8589b5f9ef2185b34af66f65976f9686995e2f7c2b2cdafe823b0a372ceecd8952e9de7ef0ef477cb4e8

  • SSDEEP

    12288:bShkqN0cQbIy6hVh2eOaH8anOvZ0ox/gV1xOvtP0+sw:bShjZ4ZGhcAYRB4181PJ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Mihály Levente_Tartalmi kivonat_2017.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2404

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6c5cee22b9d866be4c793d346a330b64

    SHA1

    cb7d510178be64afa554da7f2153c7140f4e1bcd

    SHA256

    b789a42a4f1529ad99ff533272ba21506d19d9935c1971a85f9b9e75aeb41842

    SHA512

    c3f347a1c70d93031ee95be48e5e9bd5ab788d83211743e24d8124afe8aca6249e7d9f187eaecea9b6f2982e2a6ea4c838da8bf6735ca0c9d71e665d2f9e6e6b