Analysis

  • max time kernel
    149s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    26-09-2021 12:20

General

  • Target

    You Have A New Private message From Tinder For secret .pdf

  • Size

    119KB

  • MD5

    7800d130a35d0eb0e48a50f103c96b72

  • SHA1

    9e9d64d41a17142c22375afd67615571e3ae526d

  • SHA256

    0042e9fbb77018aba2d376d109febc595dd1f86984f6200816c4ccb28a34f4a3

  • SHA512

    774371d2971acfcfe31191279bd322000159941f135f79a0355488c2305756cbc12050c8aa2ea0f54959f2976fffe76529ae331dfd45f42295c4f6d453ccbb48

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\You Have A New Private message From Tinder For secret .pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2000

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2000-60-0x0000000075D11000-0x0000000075D13000-memory.dmp
    Filesize

    8KB