Overview

overview

3

Static

static

3

nsgrizca.v...qh.pdf

windows7_x64

1

nsgrizca.v...qh.pdf

windows10_x64

1

Analysis

  • max time kernel
    156s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    29-10-2021 19:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    nsgrizca.vi65 cjs.uiljm65 powhg65 .nqh.pdf

  • Size

    196KB

  • MD5

    db65a81d4e887ad0e4aa81f5d3138307

  • SHA1

    942f77b9f6e9b59a820a79d686b0df9e4bebdbec

  • SHA256

    02445b2e866cb68dc34f0579693521de66713ca6ef6ffe18a018b093549a4993

  • SHA512

    2ce4086d24d63c2da8b325e81cd0896ea76c64276140caf404b3fde0ff4e300c8c4850524ca4bbed01c78e3539d962b0754bc846ed142d561a778e2fa81fd183

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\nsgrizca.vi65 cjs.uiljm65 powhg65 .nqh.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1648

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1648-55-0x0000000075321000-0x0000000075323000-memory.dmp
    Filesize

    8KB

    Download