48030f8b81ad8c4bad5dbb0043d7b1e530ba023b3809aadaadaafa9b0c76f0e3 | Triage

Analysis

max time kernel
152s
max time network
120s
platform
windows7_x64
resource
win7-en-20211014
submitted
01-11-2021 19:12

Sharing

Report Analysis Logs

General

Target

open and click 70675479*49p 12*125081p 074*44795p *29963015*p 13170p 6*010p 0741760*0p 70347p *24801.pdf
Size

129KB
MD5

50b6de97d9892c104b6a48be8dc92397
SHA1

6b0dd6f494356839e1f1af7271a95920930ab6ed
SHA256

48030f8b81ad8c4bad5dbb0043d7b1e530ba023b3809aadaadaafa9b0c76f0e3
SHA512

b05c2098045772ddaaa8a390a7d3b81cb4fea42271266a6fa8624ce512ca810f7f34d4e4cafb994f49baee247fdf5a35ba4c18eaee863b5a94ee04ade2dce89a

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1876 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1876 AcroRd32.exe
1876 AcroRd32.exe
1876 AcroRd32.exe
1876 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\open and click 70675479_49p 12_125081p 074_44795p _29963015_p 13170p 6_010p 0741760_0p 70347p _24801.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1876

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1876-55-0x0000000075B71000-0x0000000075B73000-memory.dmp

Filesize
8KB

Download