34af87cdc265fe8f4423ed317141bbb918c4c87841257db79e24549e0449d768 | Triage

Analysis

max time kernel
151s
max time network
121s
platform
windows7_x64
resource
win7-en-20210920
submitted
29-10-2021 19:12

Sharing

Report Analysis Logs

General

Target

zilhy.n401 lpwx401 bp.qelm401 .zrthr401 iggf401 b.ds401 gmcc.pdf
Size

109KB
MD5

a979fb320173c31de582f03a4db57794
SHA1

5c0fe14fd1ccff03a4683fa22133dd303fe0f88b
SHA256

34af87cdc265fe8f4423ed317141bbb918c4c87841257db79e24549e0449d768
SHA512

7a75aee72f25aa6bb023add1eb737166ac0015a9073f407cb0e5712297637c1871bccea9a8fe74399038f82b0bee1ab1d2e274f0cfcabd85701568dd4adaa6e4

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

332 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

332 AcroRd32.exe
332 AcroRd32.exe
332 AcroRd32.exe
332 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\zilhy.n401 lpwx401 bp.qelm401 .zrthr401 iggf401 b.ds401 gmcc.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:332

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/332-54-0x0000000075BD1000-0x0000000075BD3000-memory.dmp

Filesize
8KB

Download