Analysis
-
max time kernel
149s -
max time network
35s -
platform
windows7_x64 -
resource
win7v20210408 -
submitted
26-09-2021 12:20
Behavioral task
behavioral1
Sample
You Have A New Private message From Tinder For secret .pdf
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
You Have A New Private message From Tinder For secret .pdf
Resource
win10-en-20210920
windows10_x64
0 signatures
0 seconds
General
-
Target
You Have A New Private message From Tinder For secret .pdf
-
Size
119KB
-
MD5
7800d130a35d0eb0e48a50f103c96b72
-
SHA1
9e9d64d41a17142c22375afd67615571e3ae526d
-
SHA256
0042e9fbb77018aba2d376d109febc595dd1f86984f6200816c4ccb28a34f4a3
-
SHA512
774371d2971acfcfe31191279bd322000159941f135f79a0355488c2305756cbc12050c8aa2ea0f54959f2976fffe76529ae331dfd45f42295c4f6d453ccbb48
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2000 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 2000 AcroRd32.exe 2000 AcroRd32.exe 2000 AcroRd32.exe 2000 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\You Have A New Private message From Tinder For secret .pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2000-60-0x0000000075D11000-0x0000000075D13000-memory.dmpFilesize
8KB