f5b9b768b0e23242af2a866b208352858b986117dad1d416249ea43fcfb609f9 | Triage

Analysis

max time kernel
150s
max time network
31s
platform
windows7_x64
resource
win7-en-20210920
submitted
18-10-2021 20:29

Sharing

Report Analysis Logs

General

Target

NEW_ARRIVALS_2021109629.pdf
Size

209KB
MD5

4700d353c2257d907f107af58665e234
SHA1

87a4b52fd07e2d317c52435f861e78a0f5bc9061
SHA256

f5b9b768b0e23242af2a866b208352858b986117dad1d416249ea43fcfb609f9
SHA512

4ede04afb18649332e94c03440e17f543695613d6a65c5e8cf8ea891cd81be5ea627d7df86277deb096fc1344481f9ae5bddb1425ceabcf3179d67fe7135abdc

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1984 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1984 AcroRd32.exe
1984 AcroRd32.exe
1984 AcroRd32.exe
1984 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEW_ARRIVALS_2021109629.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1984-54-0x0000000076581000-0x0000000076583000-memory.dmp

Filesize
8KB

Download