7aa1a844bf88fd7da03bed3dd95b9634dc93b458e784119133edcdfa384751a1 | Triage

Analysis

max time kernel
153s
max time network
119s
platform
windows7_x64
resource
win7-en-20211014
submitted
01-11-2021 19:15

Sharing

Report Analysis Logs

General

Target

open and click 067145*3p 499*173p 6712113*53p 427*06874p 4829*432p 84*283854p 7*28p 351*63416p 59087.pdf
Size

218KB
MD5

842a284c2d7835216b4fda1ac9a6b44e
SHA1

4c4a1e38823e47fb0ebcd76259657076083db7bd
SHA256

7aa1a844bf88fd7da03bed3dd95b9634dc93b458e784119133edcdfa384751a1
SHA512

9063ce9e2807eb7c1b998128b0b76c316a6dd9f880cd4d7891bfc12744e90ce85bcbeb8a388b5b4e98e99a17970b8327647c4d0bca060727b126593a384fdd89

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

740 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

740 AcroRd32.exe
740 AcroRd32.exe
740 AcroRd32.exe
740 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\open and click 067145_3p 499_173p 6712113_53p 427_06874p 4829_432p 84_283854p 7_28p 351_63416p 59087.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:740

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/740-55-0x0000000074A31000-0x0000000074A33000-memory.dmp

Filesize
8KB

Download