Overview

overview

3

Static

static

3

nfzbmUJb G...El.pdf

windows7_x64

1

nfzbmUJb G...El.pdf

windows10_x64

1

Analysis

  • max time kernel
    150s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-en-20210920
  • submitted
    31-10-2021 03:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    nfzbmUJb GQGaZms 5wrpGkfZ hQ2AZg SSFpF El.pdf

  • Size

    142KB

  • MD5

    ab07040ca75a168a253372f5e2ced67f

  • SHA1

    e57f12c103cf46f2ad61a3c11907eebf3e80d524

  • SHA256

    309fcddb5625ad7add877b8d2c4401760906da433f51d24dddc61b63382c4325

  • SHA512

    a70384502e26ab86ecca14bc2bca001abfa77903f9ca44a2edcb3e30c64224e2be95c176a40090cf32c3f44c10326ff8032192d016e480921f3fe42007be7ffd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\nfzbmUJb GQGaZms 5wrpGkfZ hQ2AZg SSFpF El.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:332

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/332-54-0x00000000768C1000-0x00000000768C3000-memory.dmp
    Filesize

    8KB

    Download