a0f60f4d44131b07bc089c14425ff8adca677223cafb5d8f7502bfc1432363da | Triage

Analysis

max time kernel
152s
max time network
122s
platform
windows7_x64
resource
win7-en-20211014
submitted
18-10-2021 21:16

Sharing

Report Analysis Logs

General

Target

NEW_TABLEWARE_(AND-LIVING_COMPANY)_2021104259.pdf
Size

268KB
MD5

b14cfa8e53987767930c0424fa607c33
SHA1

b169a859aa07e20b3093fd1d8fc0c252bf1d7467
SHA256

a0f60f4d44131b07bc089c14425ff8adca677223cafb5d8f7502bfc1432363da
SHA512

dc1d6d3d8b8f2015c7953266fa4888ec48571931c328306f5b53f76b499f1e7202d2fd15bd2e1ba5334d5d345c7245cd211371cf2297af07e07d3a492e8ae9a4

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1676 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1676 AcroRd32.exe
1676 AcroRd32.exe
1676 AcroRd32.exe
1676 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEW_TABLEWARE_(AND-LIVING_COMPANY)_2021104259.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1676-54-0x00000000754F1000-0x00000000754F3000-memory.dmp

Filesize
8KB

Download