Analysis
-
max time kernel
149s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
28/03/2025, 12:32
General
-
Target
10 Ingresos y Retenciones/Vetra.pdf
-
Size
20KB
-
MD5
cc45e419b40668639b9b0b42d26e707f
-
SHA1
7c52fe725c2ff089c9c1e75cc7d796351d8ef6c1
-
SHA256
29d98a3d98fc609dcb0dafb0755997e4ffcab2f6e0ccfc778b52b8ee9b304b2a
-
SHA512
1ecd1c868ebf0d5fe0902a0658c25ce12bad7ead00252a87db08d22b3accbedd84bdc42eb5adb49652fbc486aa270f43dcad21d3aae7cb568b58c4eed6960c71
-
SSDEEP
384:IyhUMXhyTJCXdmHPRUbVazDmEpQntKvEuo8RpiHwmy3vtAk7JnmA4jaaclav5g3t:Im0TJCXdmvSVazDnH6HwZ3vtAk7ZmA4c
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\10 Ingresos y Retenciones\Vetra.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5a3bbe2ccde79ea6376c6ec9cf7c08e8f
SHA1484bceffd26552d587a8a012f69424a62885a6ec
SHA2564fc7f8e5be8ccc546dd81eba1aba7a4c38f576458481469ecd48202c8a23b8f8
SHA5123b3bbb1744bb2b2415bcb9304ff9fbd2abb57172562d990a6dd480dc885cf9a457dadc83d778e417f2761101a86f08fe0823cb21be5e7135a655e282c3d7dc9d