Analysis
-
max time kernel
151s -
max time network
118s -
platform
windows7_x64 -
resource
win7-en-20211014 -
submitted
18-10-2021 20:18
Behavioral task
behavioral1
Sample
8007472730*@153071522@*9313@8502@*218424483@*01487*9@909207*562@5043@477*193979@*19173@869*[email protected]
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
8007472730*@153071522@*9313@8502@*218424483@*01487*9@909207*562@5043@477*193979@*19173@869*[email protected]
Resource
win10-en-20210920
General
-
Target
8007472730*@153071522@*9313@8502@*218424483@*01487*9@909207*562@5043@477*193979@*19173@869*[email protected]
-
Size
160KB
-
MD5
f6e8af9907cd58233b243a8b422ddccc
-
SHA1
00bd84c49d80014cc52008b616aba547d39b8298
-
SHA256
29529225c65fab004c9a7ed38d790a11076ec198476358c15af1a6e5a1af8035
-
SHA512
e0d6010d0e35328b6e5f93afbf893fdb82cf32bebb99021ca8d35796d4ae2172a4a7b421aa999941070f3de2a463063ebe6fa1167357c092b8329908fd86f6fc
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2032 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 2032 AcroRd32.exe 2032 AcroRd32.exe 2032 AcroRd32.exe 2032 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8007472730_@153071522@_9313@8502@_218424483@_01487_9@909207_562@5043@477_193979@_19173@[email protected]"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2032