Overview

overview

3

Static

static

3

vsihtc.k67...st.pdf

windows7_x64

1

vsihtc.k67...st.pdf

windows10_x64

1

Analysis

  • max time kernel
    153s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-en-20210920
  • submitted
    29-10-2021 19:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vsihtc.k674 hgorymw674 .oferzi674 ylw.e674 zxridc674 m.njblecw674 e.gx674 fbxupi.n674 zwhf674 .ast.pdf

  • Size

    120KB

  • MD5

    9099653b8969441d5596ee142b6ad7e5

  • SHA1

    db54445fd3ee0f489c4f3efeeba4de9e0b0cc335

  • SHA256

    345c87b226a0c881a419e687c88b722c9a797fdf9aa10889de7e503e93e5cf85

  • SHA512

    6c803be7753742b2953e07227bfeec5b3763c486417937a43a198c88b6fc27d9385d3361e5f68c59f6b9bb6041ca3ab15c249c4a28bfaecec5673f1d3af2b80e

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\vsihtc.k674 hgorymw674 .oferzi674 ylw.e674 zxridc674 m.njblecw674 e.gx674 fbxupi.n674 zwhf674 .ast.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:860

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/860-54-0x0000000075651000-0x0000000075653000-memory.dmp
    Filesize

    8KB

    Download