5a74b5888026e3ed3d0e4363c5973ea748976e00fc277f3026ae8b9ab00a60cb | Triage

Analysis

max time kernel
150s
max time network
61s
platform
windows7_x64
resource
win7v20210408
submitted
14-10-2021 05:05

Sharing

Report Analysis Logs

General

Target

Fatura.pdf
Size

204KB
MD5

64a6071961d37d5d9e6329c9ea3c27b2
SHA1

231d5fb3e859691482caa047c81d96ec311ed88b
SHA256

5a74b5888026e3ed3d0e4363c5973ea748976e00fc277f3026ae8b9ab00a60cb
SHA512

ec09285a8aa1d6b310d51f44ccf16f7f21d5e805a9073333b84f9a7f029d768286118e0a10c43e3d38eba2432d91e5df0d2dc57ddb792a262677d20f2702140c

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1724 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1724 AcroRd32.exe
1724 AcroRd32.exe
1724 AcroRd32.exe
1724 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Fatura.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1724

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1724-60-0x00000000769B1000-0x00000000769B3000-memory.dmp

Filesize
8KB

Download