15f7e8ba3bd842b9695954752450217e869ef1bef6f9a52b272fa85310f37ee6 | Triage

Analysis

max time kernel
153s
max time network
121s
platform
windows7_x64
resource
win7-en-20211014
submitted
01-11-2021 19:12

Sharing

Report Analysis Logs

General

Target

open and click 02011p *8031*p 704619*6p 45181p 0*97577*p 6126882p 3*12832944p *7361p 88987*p 536916p.pdf
Size

131KB
MD5

76d83183760b9e5a610b077a71159ba9
SHA1

442fd0041c962dbe2bee65b714f4ed6136d8d78b
SHA256

15f7e8ba3bd842b9695954752450217e869ef1bef6f9a52b272fa85310f37ee6
SHA512

14b911543fcba4eae9ec84a5e744f336332a5bc44a9f81923e78b0bf8c58c23b360b114c48f04f6e651084961fca65ee3745b5cf05dfc5bc3305f118c7a02b3e

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

764 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

764 AcroRd32.exe
764 AcroRd32.exe
764 AcroRd32.exe
764 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\open and click 02011p _8031_p 704619_6p 45181p 0_97577_p 6126882p 3_12832944p _7361p 88987_p 536916p.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/764-55-0x00000000768A1000-0x00000000768A3000-memory.dmp

Filesize
8KB

Download