4c46e8f35ee5663cff59edcf6d5b9f51f491baf37079d33f8a24417c85a5cd9d | Triage

Analysis

max time kernel
138s
max time network
140s
platform
windows7_x64
resource
win7-en
submitted
11-09-2021 11:15

Sharing

Report Analysis Logs

General

Target

4c46e8f35ee5663cff59edcf6d5b9f51f491baf37079d33f8a24417c85a5cd9d.pdf
Size

903KB
MD5

6624b03b2421f2813c463b22b48b9574
SHA1

45394765f8da676b8bd89d589ccd641b9c32da1e
SHA256

4c46e8f35ee5663cff59edcf6d5b9f51f491baf37079d33f8a24417c85a5cd9d
SHA512

9122e14d49ea99cc8a06b03990de1a8fa7d9a1631dc096e40d40d35d075d32ecac1a53bdcc853014ee5822507f1f69f99234288ad449a486f43674d17559e415

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
1696	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1696	AcroRd32.exe
1696	AcroRd32.exe
1696	AcroRd32.exe
1696	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4c46e8f35ee5663cff59edcf6d5b9f51f491baf37079d33f8a24417c85a5cd9d.pdf"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:1696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1696-53-0x0000000075641000-0x0000000075643000-memory.dmp

Filesize
8KB

Download
memory/1696-54-0x0000000002670000-0x00000000026E6000-memory.dmp

Filesize
472KB

Download