Analysis
- max time kernel: 152s
- max time network: 129s
- platform: windows7_x64
- resource: win7-en-20211014
- submitted: 19-10-2021 09:51
Behavioral task: behavioral1
Sample: 170835@702*0@7171@91*0156199@*17413*@2549858*67@788299*585@58264*@515475*5@3387724@5*15975@4*8458463.pdf
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: 170835@702*0@7171@91*0156199@*17413*@2549858*67@788299*585@58264*@515475*5@3387724@5*15975@4*8458463.pdf
Resource: win10-en-20210920
General
- Target: 170835@702*0@7171@91*0156199@*17413*@2549858*67@788299*585@58264*@515475*5@3387724@5*15975@4*8458463.pdf
- Size: 107KB
- MD5: 837a688305af07e01d763678d200ffcc
- SHA1: ef0e2833f5b4319d99a60f6adf6394c8376552a1
- SHA256: 44e114818de17df73cf28cf80bf3dc5f24e2585ba15a0084a18004ed2d659bdf
- SHA512: 47817321d5b4d7cce54045ee2fa9e7702765fdebd9ace7ab7db5e5cfe904d52a31a6e49f54c0697081a8340828803a0a4b537a439b659a2fa0572bb4283fd204
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid   process
  1656  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  Processes: AcroRd32.exe
  pid   process
  1656  AcroRd32.exe
  1656  AcroRd32.exe
  1656  AcroRd32.exe
  1656  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\170835@702_0@7171@91_0156199@_17413_@2549858_67@788299_585@58264_@515475_5@3387724@5_15975@4_8458463.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1656