9fd2ab4c58fc20a97e27cef5fb550a59622f7ac2aed308d7ffe1c5bc8bb2eb04 | Triage

Analysis

max time kernel
153s
max time network
129s
platform
windows7_x64
resource
win7-en-20210920
submitted
29-10-2021 19:15

Sharing

Report Analysis Logs

General

Target

Boleto_Outubro.pdf
Size

335KB
MD5

c9ce1fa47b54733366fd4ea08f091fa1
SHA1

fed4bbbad42c0f0bd179c9c9a9ead7bcc84c7ef0
SHA256

9fd2ab4c58fc20a97e27cef5fb550a59622f7ac2aed308d7ffe1c5bc8bb2eb04
SHA512

59f4cacdd2a290f5855d5e73c10a056c585805336b6331a7aa88f74d86816ccdd1eb1f9e4bed79e85e9fd47c6bb02118ae2526250ca2984fc47d56a72fab2841

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

748 AcroRd32.exe
Suspicious use of SetWindowsHookEx 5 IoCs

Processes:

AcroRd32.exe

pid process

748 AcroRd32.exe
748 AcroRd32.exe
748 AcroRd32.exe
748 AcroRd32.exe
748 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Boleto_Outubro.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:748

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/748-54-0x00000000759B1000-0x00000000759B3000-memory.dmp

Filesize
8KB

Download