Overview

overview

5

Static

static

5

2025032812...am.msg

windows7-x64

5

2025032812...am.msg

windows10-2004-x64

3

Info Envia...ON.pdf

windows7-x64

3

Info Envia...ON.pdf

windows10-2004-x64

3

10 Ingreso...te.pdf

windows7-x64

3

10 Ingreso...te.pdf

windows10-2004-x64

3

10 Ingreso...se.pdf

windows7-x64

3

10 Ingreso...se.pdf

windows10-2004-x64

3

10 Ingreso...um.pdf

windows7-x64

3

10 Ingreso...um.pdf

windows10-2004-x64

3

10 Ingreso...ti.pdf

windows7-x64

3

10 Ingreso...ti.pdf

windows10-2004-x64

3

10 Ingreso...ra.pdf

windows7-x64

3

10 Ingreso...ra.pdf

windows10-2004-x64

3

10 Ingreso...OE.pdf

windows7-x64

3

10 Ingreso...OE.pdf

windows10-2004-x64

3

10 Ingreso...ra.pdf

windows7-x64

3

10 Ingreso...ra.pdf

windows10-2004-x64

3

10 Ingreso...ol.pdf

windows7-x64

3

10 Ingreso...ol.pdf

windows10-2004-x64

3

Info Envia...s.xlsx

windows7-x64

3

Info Envia...s.xlsx

windows10-2004-x64

1

Info Envia...ER.pdf

windows7-x64

3

Info Envia...ER.pdf

windows10-2004-x64

3

Info Envia...ER.pdf

windows7-x64

3

Info Envia...ER.pdf

windows10-2004-x64

3

Info Envia...AL.pdf

windows7-x64

3

Info Envia...AL.pdf

windows10-2004-x64

3

Info Envia...ed.pdf

windows7-x64

3

Info Envia...ed.pdf

windows10-2004-x64

3

Info Envia...10.pdf

windows7-x64

3

Info Envia...10.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20250207-en
  • resource tags

    arch:x64arch:x86image:win7-20250207-enlocale:en-usos:windows7-x64system
  • submitted
    28/03/2025, 12:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Info Enviada DIAN Acta de Visita 08112023/11.2SOP INGR OPER.pdf

  • Size

    397KB

  • MD5

    fc7d954bcda163629db7afe31b6a9a6b

  • SHA1

    edaeefebff802d2a32f2a6dc0e36473f59a6dcd1

  • SHA256

    b5acd831333ae6679b11142736ebe3ef970ad4ab088b0a2a8777b39464ec09c4

  • SHA512

    9f3f5bb22c84ba0c5e969abb300faf99c93dae727378d4978211af974315f7fd8728ee32f9d77d649851d44439d7d23ffb4a0b6b724135d3d1b5e8f616379b68

  • SSDEEP

    6144:1dR45ymxLlo9X0JpwB+MfuswmTRawG80TpCrlvI+PI981ghyMp+qMKgOztahWJZ:1dR4gmxLhJytf+mNYklA+wOIgVOz4hyZ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Info Enviada DIAN Acta de Visita 08112023\11.2SOP INGR OPER.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1768

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    dd5dda6039521613a24d59ba6fa5c5f8

    SHA1

    df7ba08335c1535f21939ffef7e3828c9ced83f6

    SHA256

    c1d582a11e66fc9b7ddf209168739b0bd1408e209b404606c7c0a94b6aa35976

    SHA512

    2f3d9c854cbba4ee88ded339bb540d63ab7c0a0d346c9199dc56f430233543766f398302c4dde0f54adff04a118766f8fe392ebe458dbca94e0a245aa24bb1dc

    Download Submit