2e0c3a0db66754076b7864ca13bc7e12bb584bac559f25ae40a98b3690942633 | Triage

Analysis

max time kernel
150s
max time network
50s
platform
windows7_x64
resource
win7v20210408
submitted
14-10-2021 05:00

Sharing

Report Analysis Logs

General

Target

NEW_COLLECTIONS_2021106817.pdf
Size

179KB
MD5

aae4127a25e333ed179d88abf252dd51
SHA1

a1ffd7149646e0cdcff2172b8add5905f19319e3
SHA256

2e0c3a0db66754076b7864ca13bc7e12bb584bac559f25ae40a98b3690942633
SHA512

0d15fdd9d309fc2d088139a9247b553710f37d6b1b914d2070187881b5dbaaae7bd4a258a0a02a2ee543cd7faf9c49520bac4b9d57cc540f447f5bac57186a88

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1472 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1472 AcroRd32.exe
1472 AcroRd32.exe
1472 AcroRd32.exe
1472 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEW_COLLECTIONS_2021106817.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1472

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1472-59-0x00000000757C1000-0x00000000757C3000-memory.dmp

Filesize
8KB

Download