29529225c65fab004c9a7ed38d790a11076ec198476358c15af1a6e5a1af8035 | Triage

Analysis

max time kernel
151s
max time network
133s
platform
windows7_x64
resource
win7-en-20210920
submitted
18-10-2021 21:16

Sharing

Report Analysis Logs

General

Target

8007472730*@153071522@*9313@8502@*218424483@*01487*9@909207*562@5043@477*193979@*19173@869*[email protected]
Size

160KB
MD5

f6e8af9907cd58233b243a8b422ddccc
SHA1

00bd84c49d80014cc52008b616aba547d39b8298
SHA256

29529225c65fab004c9a7ed38d790a11076ec198476358c15af1a6e5a1af8035
SHA512

e0d6010d0e35328b6e5f93afbf893fdb82cf32bebb99021ca8d35796d4ae2172a4a7b421aa999941070f3de2a463063ebe6fa1167357c092b8329908fd86f6fc

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1480 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1480 AcroRd32.exe
1480 AcroRd32.exe
1480 AcroRd32.exe
1480 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8007472730_@153071522@_9313@8502@_218424483@_01487_9@909207_562@5043@477_193979@_19173@[email protected]"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1480-54-0x0000000075651000-0x0000000075653000-memory.dmp

Filesize
8KB

Download