Analysis
-
max time kernel
150s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
28/03/2025, 18:43
General
-
Target
NC-CFPL 4736 MERCADERIA IBAGUE.pdf
-
Size
106KB
-
MD5
36986476168119fed59f8a1ca0cfd2e0
-
SHA1
005ec1ecdc3679e8c38d855e83e584c3e76421ee
-
SHA256
b686f25d64968480ca945cf2b2c291bf1fc3ebfb49b2bdcb2f9e69cdc975f944
-
SHA512
08367190a22c289568655cb712ae7156703d4e499b965cf1314bb8ed27669554c19eeb8b146dc61d188adf51fd5a2f9c7a7ace0ea08cff36d9dcd5297331bd8c
-
SSDEEP
3072:pJ7Nxbhp4/BE4JZAuK0KA6FZJThLtDImoLx6:pHxPay4J9K1VRTp1WE
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NC-CFPL 4736 MERCADERIA IBAGUE.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e10b61b4cfa01828365e71bb5cb291e5
SHA18718489ee2409b4d9d903d6a1926d4475c081c94
SHA25687d520d4e9debe672da62d6360a8e9f6ac2706d42deeef3430739fc77e1bbd0a
SHA512f99fc695e719e76c0510017393bff88875f41774b28cdbcc93f93033032e15547d2c7c7e60106e7221acd8bd5405fbece9ba4717e4d92e1e5e83b57786996fb6