Analysis
-
max time kernel
121s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
27/03/2025, 17:27
General
-
Target
Untitled attachment 00016.pdf
-
Size
197KB
-
MD5
61b2410c7dc8febc5dca9ef4b8cfeb6b
-
SHA1
645a349146fe516c4bb9daa28d975d5dc2164218
-
SHA256
2a3294d6ee5d0da5aedff905a9ec8dc524325c870d7c48c78bda0a8f11f60965
-
SHA512
f9dc6bd0a3996285095ad892f0d0ca4d7567d6e636b2befbc8e593e4fd4157aad3695757c57a42313a50369f70b0cec32d27866cdab822f6c1a99ef01f1a9141
-
SSDEEP
6144:CJRkz06AfmXm5pKBUrgd4l0KLuH41GKS1ZHH:CJRkI6AfmXmpKBUrPqKLuH+GKSnH
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00016.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5580ee6e6598a5669dcb7067281f27b43
SHA11fbdab88e4be3a47a7cc9b4f79ad36eafee5b9af
SHA256c5501ea061a1c3d90be874d28031a3ffe4364a143aebc67d05e0b5c36e7c3dd4
SHA51219e71e0bb896d8d94a7252a944df44217ed33e540f60a0b7f6974a7fce57925315213b76653485904f271e00de235db3e5df6a49b2a07f14dd7034d88f37366a