Resubmissions
27/03/2025, 13:20
250327-qlbkgssvfx 4
Analysis
max time kernel: 59s
max time network: 17s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted: 27/03/2025, 13:20
Behavioral task
behavioral1
Sample
Triptico-Epidata.pdf
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Triptico-Epidata.pdf
Resource
win10v2004-20250314-en
General
Target: Triptico-Epidata.pdf
Size: 604KB
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 2688, Process AcroRd32.exe
pid 2688, Process AcroRd32.exe
pid 2688, Process AcroRd32.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB