Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    27/03/2025, 11:17

General

  • Target

    assetinsure.com-986477004.pdf

  • Size

    20KB

  • MD5

    bf9bb3cc4cb644d30ee092d2e1c070fe

  • SHA1

    9780f73e4870bef3bba567ee6d4dc50874d7fb17

  • SHA256

    18e98f3bd4ef5db51acd26f0844be99ad6c3a1bae23470de44e9067c869ce36a

  • SHA512

    587242e14f469f0774b89bd32a6b25dd34e0397ce709f542c73fcb41752f354c17c0956fa640e794362749ac73a5d48d1acb8a6468ce58bb10b011584941fb93

  • SSDEEP

    384:myWN+1D/SU4hE1fhT0j2e75fBNOlnvZHCUSZmr9dOSE/PCUSYMJrTEb9p7CUST:myW0AUh1Ji2k5fBNOlnhHxr9dV+/grMG

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\assetinsure.com-986477004.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2284

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    752ed526f38363c954a3fe788bcafe8d

    SHA1

    a9cf843739c31098c645e4c0ca3ddb46ff668e67

    SHA256

    91021f0766c22c60dfae1a09ea0edf05d51b25df10dcbb6564b1f1e234ce71cc

    SHA512

    a65b63f15ed318e87f2d46349d893fdc31268b0222ee146a2d167be1b407fd1261bc1c6fca7c8831d043d84973553b45d40f628c897473f015808b22db864009