Resubmissions
28/03/2025, 16:53   250328-vdy32aywfw   3
28/03/2025, 16:30   250328-tz1cjszqv3   7
28/03/2025, 16:27   250328-tyb9bsythv   4
28/03/2025, 16:19   250328-tszsfazpw8   5

Analysis
max time kernel: 150s
max time network: 19s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
submitted: 28/03/2025, 16:30
Static task
static1

Behavioral task
behavioral1
Sample: GNBQY-997049.pdf
Resource: win7-20241010-en

Behavioral task
behavioral2
Sample: GNBQY-997049.pdf
Resource: win10v2004-20250313-en
General
Target: GNBQY-997049.pdf
Size: 9KB
MD5: 036a6b0818e38574dc32f192be0756db
SHA1: 3e9a6c7056cd4a1d3c2a2e897b0880f012b85e29
SHA256: 31b50bf84e4920eba936c321dd56086506b1ad115bbf50862690ffb9fe0c5e21
SHA512: 7461f3e20417a72afcb66b3574e48bcabfe9acc0fc8f79e7233788168dc65da2b617f19593ced669091656c8793aa6ffa7c9ba8c0d587be1cb03de50c53bdf29
SSDEEP: 192:826ESYK7DzfYzETR8wlk2w1ic84kOHHrDYDIlYDIvJoYDIYr:826ESY6DzAYTmwe2w1n8DqYDIlYDIvJr
Malware Config

Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: AcroRd32.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 1820   Process AcroRd32.exe

Suspicious use of SetWindowsHookEx (2 IoCs)
pid 1820   Process AcroRd32.exe
pid 1820   Process AcroRd32.exe
Processes
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\GNBQY-997049.pdf"
PID: 1820
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
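All three signatures fire on AcroRd32.exe itself, the viewer the sandbox launched on the sample, and a document reader opening the host's NLS\Language key to localise itself is routine, so the registry IoC above is weak evidence on its own; it becomes interesting when a process other than the launched viewer does it. The script below is an added example, not part of this report or of the sandbox's ruleset: it parses event lines in the report's own "Key opened <key> <process>" form, maps reads of NLS\Language (and, as my addition, the sibling NLS\Locale key) to ATT&CK T1614.001 regardless of whether the path says ControlSet001 or CurrentControlSet, and separates hits from the launched viewer from hits by any other process. The first sample event is the IoC from the report; the other two event lines and the viewer name passed to triage() are constructed for the demonstration.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Registry path suffixes (lower-case) whose read maps to ATT&CK T1614.001.
# NLS\Language is the key named in the report; NLS\Locale is added here as the
# sibling key under Control\Nls that carries the same locale information.
LANGUAGE_KEY_SUFFIXES = (r"\control\nls\language", r"\control\nls\locale")

# Event lines in the report's "Key opened <key> <process>" form.
EVENT_RE = re.compile(r"^Key opened (?P<key>\S+) (?P<process>\S+)$")


@dataclass
class Finding:
    technique: str
    key: str
    process: str


def normalize_key(path: str) -> str:
    """Lower-case the path and fold ControlSet00N into CurrentControlSet.

    A sandbox reports the concrete control set (ControlSet001 above); a rule
    written against CurrentControlSet would otherwise miss it.
    """
    return re.sub(r"\\controlset\d{3}\\", r"\\currentcontrolset\\", path.lower())


def classify(event_line: str) -> Optional[Finding]:
    """Map one event line to a technique, or None if it is not a language lookup."""
    m = EVENT_RE.match(event_line.strip())
    if not m:
        return None
    key = normalize_key(m.group("key"))
    if key.endswith(LANGUAGE_KEY_SUFFIXES):
        return Finding("T1614.001", m.group("key"), m.group("process"))
    return None


def triage(events: List[str], launched_viewer: str = "AcroRd32.exe") -> Dict[str, List[Finding]]:
    """Split language-discovery hits into 'expected' (the viewer the sandbox
    launched on the sample, which reads the host language to localise itself)
    and 'suspicious' (any other process doing the same)."""
    findings = [f for f in (classify(e) for e in events) if f is not None]
    viewer = launched_viewer.lower()
    return {
        "expected": [f for f in findings if f.process.lower() == viewer],
        "suspicious": [f for f in findings if f.process.lower() != viewer],
    }


# First line is the IoC from the report; the other two are constructed for this
# demonstration and do not appear in the sandbox output.
SAMPLE_EVENTS = [
    r"Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language AcroRd32.exe",
    r"Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AcroRd32.exe",
    r"Key opened \REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Locale powershell.exe",
]

if __name__ == "__main__":
    for label, hits in triage(SAMPLE_EVENTS).items():
        for f in hits:
            print(f"{label:10} {f.technique} {f.process} {f.key}")
```

Run it as-is to see the report's IoC land in the "expected" bucket and the constructed powershell.exe read land in "suspicious"; feed it the registry events of a real analysis to apply the same split.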
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 3ef3551fef520dcbed7b70c2e3c38dce
SHA1: 4ae8d4dfa37722d94cfc3781667856cf6209f3c7
SHA256: 6c6d363a7af71d93e7676ae830ad8cab1d897c5dee0a4c2488333516c160d655
SHA512: 74ddcf112b1a8650867472c5d4364bc9207f727de2506a57615745e7c1146c2768d637454e84e7adf547223613bf6f683c372864992e651edb2298f96a60c561
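To confirm that a file on hand is the sample from the General section or the 3KB download listed here, the script below recomputes the four digests and compares them with the values transcribed from this report. It is an added example, not part of the report or of the sandbox's tooling; the artifact labels (the download has no filename in the report, so "download-3KB" is my own) and the helper names are my choices. SSDEEP is left out because it needs the third-party ssdeep binding; identification is decided on SHA-256, since MD5 and SHA-1 are collision-prone and are kept only for cross-referencing other feeds.

```python
import hashlib
from typing import Dict, Optional

# Hash values transcribed from the General and Downloads sections of this report.
REPORT_ARTIFACTS: Dict[str, Dict[str, str]] = {
    "GNBQY-997049.pdf": {
        "md5": "036a6b0818e38574dc32f192be0756db",
        "sha1": "3e9a6c7056cd4a1d3c2a2e897b0880f012b85e29",
        "sha256": "31b50bf84e4920eba936c321dd56086506b1ad115bbf50862690ffb9fe0c5e21",
        "sha512": "7461f3e20417a72afcb66b3574e48bcabfe9acc0fc8f79e7233788168dc65da2b617f19593ced669091656c8793aa6ffa7c9ba8c0d587be1cb03de50c53bdf29",
    },
    # Label is my own; the report gives no filename for the 3KB download.
    "download-3KB": {
        "md5": "3ef3551fef520dcbed7b70c2e3c38dce",
        "sha1": "4ae8d4dfa37722d94cfc3781667856cf6209f3c7",
        "sha256": "6c6d363a7af71d93e7676ae830ad8cab1d897c5dee0a4c2488333516c160d655",
        "sha512": "74ddcf112b1a8650867472c5d4364bc9207f727de2506a57615745e7c1146c2768d637454e84e7adf547223613bf6f683c372864992e651edb2298f96a60c561",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def compute_hashes(data: bytes) -> Dict[str, str]:
    """Return lowercase hex digests for the four algorithms the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGORITHMS}


def compare(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match of data against one report entry (case-insensitive)."""
    got = compute_hashes(data)
    return {algo: got[algo] == expected[algo].strip().lower() for algo in ALGORITHMS}


def identify(data: bytes) -> Optional[str]:
    """Name of the report artifact whose SHA-256 matches, or None.

    SHA-256 decides; a SHA-256 match with an MD5 or SHA-1 mismatch would point
    at a transcription error in the weaker hash, not at a different file.
    """
    for name, expected in REPORT_ARTIFACTS.items():
        if compare(data, expected)["sha256"]:
            return name
    return None


def check_file(path: str) -> Optional[str]:
    """Read a file from disk and identify it against the report."""
    with open(path, "rb") as fh:
        return identify(fh.read())


if __name__ == "__main__":
    import sys
    for p in sys.argv[1:]:
        print(p, "->", check_file(p) or "no match")
```

Invoke it with one or more paths; any file whose SHA-256 is not one of the two listed above prints "no match", which is also what you want to see when a vendor feed hands you a near-identical PDF with a single byte changed.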