8a5fb3b82134ca2b6e924355ff8673dca2d15cbc765fd5744a9a99df7b0a9b79 | Triage

Analysis

max time kernel
152s
max time network
119s
platform
windows7_x64
resource
win7-en-20210920
submitted
14-10-2021 05:01

Sharing

Report Analysis Logs

General

Target

BRIEF.pdf
Size

238KB
MD5

d9eb117180673e30f6e56350ec72de59
SHA1

78392960cc53f8df04ffe856b271662ad2a89e00
SHA256

8a5fb3b82134ca2b6e924355ff8673dca2d15cbc765fd5744a9a99df7b0a9b79
SHA512

26723e50cf346d4e0ed45b9b38df143a75754122c1c04eaeb690117cd78d61b041f475a3b2e8f95364d107b5485212027cc19612ab58df5fe2c61289466f4d4e

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1984 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1984 AcroRd32.exe
1984 AcroRd32.exe
1984 AcroRd32.exe
1984 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\BRIEF.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1984

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1984-54-0x0000000075C11000-0x0000000075C13000-memory.dmp

Filesize
8KB

Download