Overview

overview

3

Static

static

3

ukvda.xzbp...id.pdf

windows7_x64

1

ukvda.xzbp...id.pdf

windows10_x64

1

Analysis

  • max time kernel
    156s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    29-10-2021 19:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ukvda.xzbpr17 .bormz17 .bnsovwhe17 .ezlazc17 lzb.dzvljc17 gog.fcop17 waj.am17 dlvtce17 .uwln17 .xwid.pdf

  • Size

    108KB

  • MD5

    2606dd3c72cffd640d6feef9a57e1f93

  • SHA1

    10d28398074dc6c597703f51413b031a32bbfe77

  • SHA256

    48954f889f3559b2a1ebbb1b271f9bae10bf84ecf22171ec52a60c564c99a970

  • SHA512

    963c6a5ae56f5449770e193cf12c93e412df0d6ecc0e3aeea2abfc08f8d357bde604f69b84ec55b2a23f3f6be73e9a8ed00ace487dc0bf4284a29534985cfa71

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ukvda.xzbpr17 .bormz17 .bnsovwhe17 .ezlazc17 lzb.dzvljc17 gog.fcop17 waj.am17 dlvtce17 .uwln17 .xwid.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1116-55-0x00000000762D1000-0x00000000762D3000-memory.dmp

    Filesize

    8KB

    Download