c6e7d9e6b1e4f4c01905be538a3219fcdbaad0101650d0f505a85ebbd8d53424 | Triage

Analysis

max time kernel
153s
max time network
132s
platform
windows7_x64
resource
win7-en-20210920
submitted
31-10-2021 19:09

Sharing

Report Analysis Logs

General

Target

77433818p 7*833524p 7*545208p 608*2p 0056099p *669522p 0*2384p 09*780p 492*337p 5240423p *062p 510*3.pdf
Size

188KB
MD5

339848c91edf7976a52f1a8b56d4f88a
SHA1

d316b27cdc2457e457433423435b541dfb429c7a
SHA256

c6e7d9e6b1e4f4c01905be538a3219fcdbaad0101650d0f505a85ebbd8d53424
SHA512

2635282beef62abfa9d6edd6900fec0272080c8ca70d71f3354208d04bc320fa5a6f242136d29588003e9d66efb52af7f85b03c4eb5be66fb149c8d819584ea4

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

584 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

584 AcroRd32.exe
584 AcroRd32.exe
584 AcroRd32.exe
584 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\77433818p 7_833524p 7_545208p 608_2p 0056099p _669522p 0_2384p 09_780p 492_337p 5240423p _062p 510_3.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:584

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/584-54-0x0000000074B41000-0x0000000074B43000-memory.dmp

Filesize
8KB

Download