Analysis
- max time kernel: 151s
- max time network: 145s
- platform: windows7_x64
- resource: win7-en-20210920
- submitted: 29-10-2021 19:12
Behavioral task: behavioral1
- Sample: fytmnrf0 j.yax0 htjoide.x0 yzvhcotv.h0 ivsl.a0 qlwpx0 kuyf.pilk0 xih.0 xjmeefq0 pok.ixh0 pcvy.bpb0 hkjrt0 j.dkluzo0 fgl.yq.pdf
- Resource: win7-en-20210920
Behavioral task: behavioral2
- Sample: fytmnrf0 j.yax0 htjoide.x0 yzvhcotv.h0 ivsl.a0 qlwpx0 kuyf.pilk0 xih.0 xjmeefq0 pok.ixh0 pcvy.bpb0 hkjrt0 j.dkluzo0 fgl.yq.pdf
- Resource: win10-en-20211014
General
- Target: fytmnrf0 j.yax0 htjoide.x0 yzvhcotv.h0 ivsl.a0 qlwpx0 kuyf.pilk0 xih.0 xjmeefq0 pok.ixh0 pcvy.bpb0 hkjrt0 j.dkluzo0 fgl.yq.pdf
- Size: 165KB
- MD5: 26f7ed5cfa97311cbbf4f85dc82fd56f
- SHA1: 41abf31e9f3a77ff758da99cc9220ad477ef9486
- SHA256: 450bebda0a250b9514fece957aeb302928b13d827b6ce4bcfa54b8dd687c02d7
- SHA512: 2c4ac640ad5f2efa40f352d7ae815462e8e813a351198e2032b8a87280168461d6e21ab34bd2e915ad744404fe017355b0b642af643357689d99121a2f88a37c
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  Processes: AcroRd32.exe, PID 780
- Suspicious use of SetWindowsHookEx (4 IoCs)
  Processes: AcroRd32.exe, PID 780 (4 occurrences)
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fytmnrf0 j.yax0 htjoide.x0 yzvhcotv.h0 ivsl.a0 qlwpx0 kuyf.pilk0 xih.0 xjmeefq0 pok.ixh0 pcvy.bpb0 hkjrt0 j.dkluzo0 fgl.yq.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- memory/780-54-0x00000000768C1000-0x00000000768C3000-memory.dmp
  Filesize: 8KB