b68ab0364edd3062fa18da9b97dd3145f6c5f419067a7159b4b03245b7ea3e2a

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
28/03/2025, 12:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MAD-H1900709.pdf
Size

314KB
MD5

cffa5521a1a5b06bcf55603a5fdbba66
SHA1

e450b795ec540603ec21f15abc39db10fdbbe329
SHA256

b68ab0364edd3062fa18da9b97dd3145f6c5f419067a7159b4b03245b7ea3e2a
SHA512

ee3e1275fb160a80564045dc73908675bc3044e3c85da3fb527e569e51304caa0dd0377269d0e63c8e6fdf9c8da4184b25e78e539a35c0c4201c0d484f25b8da
SSDEEP

6144:JNuwagp/TgiAaikFJ+L3jJDIafcXJCRqBq:JNragp/tNikFQLFGoRqBq

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2412	AcroRd32.exe
2412	AcroRd32.exe
2412	AcroRd32.exe
2412	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\MAD-H1900709.pdf"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2412

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
de5d011b5178c892d71c5967afc16614

SHA1
db101c84aaa56076111d1ecb253cee16af29d972

SHA256
15b095e4d41363d3b45d72e469bb485b65ccbd55c684c2143cec4363df18843c

SHA512
033ff0da525187c9acef34dc924b2c932a70c7e3b737a23027046c3660b5a99c6f893ba5fa7bdbff95a754b886e77e9e8a7d57ecef73342d6e21fab661c9cfe9

Download Submit