da71d93e581cbb3a2513ce573cf5f38419cd987c28ecb34fd2fc00ed8233a2c2 | Triage

Analysis

max time kernel
149s
max time network
123s
platform
windows7_x64
resource
win7-en-20210920
submitted
29-10-2021 19:14

Sharing

Report Analysis Logs

General

Target

hxtbzpwstu12 .fkm12 iogi.ehmb12 uxenz.e12 odfv.mr12 gcob.pdf
Size

162KB
MD5

e913c4483a0cf438e209a116aa899a13
SHA1

2d6bea2b8de575ffd2247fb2d34216b6d8c164c0
SHA256

da71d93e581cbb3a2513ce573cf5f38419cd987c28ecb34fd2fc00ed8233a2c2
SHA512

333f4433ddc990b41beda0db340fb71d4fa64da78cf7cd7cf883c77a891e223ad9050e64f503672ab74e66e77962846cf0200902406bd6761fd6ef114acbddca

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1600 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1600 AcroRd32.exe
1600 AcroRd32.exe
1600 AcroRd32.exe
1600 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\hxtbzpwstu12 .fkm12 iogi.ehmb12 uxenz.e12 odfv.mr12 gcob.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1600-54-0x00000000751A1000-0x00000000751A3000-memory.dmp

Filesize
8KB

Download