Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/03/2025, 21:03

General

  • Target

    Mihály Levente_Tartalmi kivonat_2017.pdf

  • Size

    393KB

  • MD5

    0c45e66bfc426204973a46d445390cba

  • SHA1

    dc19b9cdd3f6610e4b9aa6dbf98f9d4005a94d47

  • SHA256

    06abc5656494da7c43fecd8f35fe21d9ea20663e7639717e8adf631ee3c15207

  • SHA512

    2d0de5d667829a1b72331c532b4f38fedae33f99f35e8589b5f9ef2185b34af66f65976f9686995e2f7c2b2cdafe823b0a372ceecd8952e9de7ef0ef477cb4e8

  • SSDEEP

    12288:bShkqN0cQbIy6hVh2eOaH8anOvZ0ox/gV1xOvtP0+sw:bShjZ4ZGhcAYRB4181PJ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Mihály Levente_Tartalmi kivonat_2017.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3060

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5dbe44ce039bc0f84dea1463455f8624

    SHA1

    7fa85387030dc33d0c6462a360624a1921b86f92

    SHA256

    09f7e5a320d4e3dd6a63501bdcfc4eeabc9a0573fc4614a21a0467dfdcc9d7ff

    SHA512

    38d2ab5c193e735cd45b385bd0686ae56f3432e1a88fdc040229e01136900efaa37a6c8b29f716f72af4337319279d69a0fda47f9cf4cdc6a13673ffdf0ad408