738f60560063ff42e849104767e178886da68ae542cb40bba6792d7c640e1167 | Triage

Analysis

max time kernel
156s
max time network
97s
platform
windows7_x64
resource
win7-en-20210920
submitted
29-10-2021 19:15

Sharing

Report Analysis Logs

General

Target

866236285HZ8.pdf
Size

93KB
MD5

978ea7b9afd76e91adf57bc2a0c296f0
SHA1

c78ef55dfe07bf195760dac45628805bd45545e6
SHA256

738f60560063ff42e849104767e178886da68ae542cb40bba6792d7c640e1167
SHA512

7b11ac55ac99e7e8fe4766240da250d71d3f3e850c85349c5e2dc1b5e60259cb0c6781d55eeb5b78defbea08d690230b20b8f9a851f21995a75f42d33a1abb3e

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

2032 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

2032 AcroRd32.exe
2032 AcroRd32.exe
2032 AcroRd32.exe
2032 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\866236285HZ8.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2032

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2032-54-0x0000000075FA1000-0x0000000075FA3000-memory.dmp

Filesize
8KB

Download