Analysis
-
max time kernel
151s -
max time network
125s -
platform
windows7_x64 -
resource
win7-en-20210920 -
submitted
29-10-2021 19:14
Behavioral task
behavioral1
Sample
jynntce.fpg14 jhivqq14 .lnl14 wxnnolk.14 hvxa14 mixx.i14 qnvsz14 r.fca14 n.pdf
Resource
win7-en-20210920
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
jynntce.fpg14 jhivqq14 .lnl14 wxnnolk.14 hvxa14 mixx.i14 qnvsz14 r.fca14 n.pdf
Resource
win10-en-20210920
windows10_x64
0 signatures
0 seconds
General
-
Target
jynntce.fpg14 jhivqq14 .lnl14 wxnnolk.14 hvxa14 mixx.i14 qnvsz14 r.fca14 n.pdf
-
Size
168KB
-
MD5
18de831748dbc54241f2ff0cb91dcf4e
-
SHA1
37881d6b3f8034080eefeda96b9d7d261a8aff76
-
SHA256
2e667c02b52624e713191dec23db8b02d16d6368949d447016920394ccbe6c3d
-
SHA512
d2fbb7b02d7944d1109c96b79c3d0927cc3d7467f5d3db75c6f21948a3d8af2775fa11ee2d901fb3c4ff50e3e5fffa6aaf9e91fdc66499f7180d4e0ebe567c4c
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 368 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 368 AcroRd32.exe 368 AcroRd32.exe 368 AcroRd32.exe 368 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\jynntce.fpg14 jhivqq14 .lnl14 wxnnolk.14 hvxa14 mixx.i14 qnvsz14 r.fca14 n.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/368-54-0x0000000074B41000-0x0000000074B43000-memory.dmpFilesize
8KB