Analysis

  • max time kernel
    151s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-en-20210920
  • submitted
    01-11-2021 19:14

General

  • Target

    k0DmLNX UwV8Hfp cWUFY PNigXTT .pdf

  • Size

    152KB

  • MD5

    9b591d4c96cbae462672052f79953d1f

  • SHA1

    952cf338bb3cded7aa2b68e3ade4ce95ac1bbde8

  • SHA256

    e7474bb6d5aa4d29c5f295190e771f1e4328123c9d5d21cd8febb5376f24f980

  • SHA512

    05e9dade62855bef66d2a71e13230e92fb38cce4b9202b0c258ac03b73395af693b3f18d61563683eed8e61d53536b325d66268df939304302fa158965034aa1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\k0DmLNX UwV8Hfp cWUFY PNigXTT .pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1372

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1372-54-0x00000000767F1000-0x00000000767F3000-memory.dmp
    Filesize

    8KB