General
Target: AND-LIVING_INVITATION_2021109476.pdf
Filesize: 185KB
Completed: 14-10-2021 05:05
Task: behavioral1
Score: 1/10
MD5: d4adcc2ff7fda7b6097dcb436960cfba
SHA1: 4ed2bb0c04bea06ccd61577e398c1fe61272a2fe
SHA256: 280ff42f2664b423a40e20eb03ac4d8d730615b191795ec35d692ea9f31c4807
SHA512: c732f2165b214c3810ce0762dbf57ec845a5e83e69f6f9262d67f89d01ae5e00b930bea48fe300b89bce08cf67582bdf9e5734c68a4a9727444370862c84f2d7
Malware Config
Signatures 2

Suspicious behavior: GetForegroundWindowSpam (AcroRd32.exe)
Reported IOCs
pid   process
1092  AcroRd32.exe

Suspicious use of SetWindowsHookEx (AcroRd32.exe)
Reported IOCs
pid   process
1092  AcroRd32.exe
1092  AcroRd32.exe
1092  AcroRd32.exe
1092  AcroRd32.exe
Processes 1

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\AND-LIVING_INVITATION_2021109476.pdf"
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Downloads
memory/1092-54-0x0000000074B41000-0x0000000074B43000-memory.dmp