e98d01de079b75f3f4b7fbf7b578ece6cd217cfa51423936ce60d08364712ce3 | Triage

Analysis

max time kernel
152s
max time network
121s
platform
windows7_x64
resource
win7-en-20211014
submitted
02-11-2021 19:12

Sharing

Report Analysis Logs

General

Target

open and click ziasu9 .uqz9 szaecz.wfw9 z.iakl9 zysv.nu9 peix.pye9 sk.xfww9 c.ga9 qe.aug9 bz.wxn9 xe.pdf
Size

92KB
MD5

2346f0e19cd85324f39fe0ba32c41f83
SHA1

664aefcca5d5c794bcedb06facb02f7ca3e1f237
SHA256

e98d01de079b75f3f4b7fbf7b578ece6cd217cfa51423936ce60d08364712ce3
SHA512

d874c68e641e261bf0020a3eaca88872cd5ef6875959118370fbecdc2852d5c29cfcd6070f3dff252cb249af46f2a7a3706b4e992de6280f8404feba70073cf3

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1116 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1116 AcroRd32.exe
1116 AcroRd32.exe
1116 AcroRd32.exe
1116 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\open and click ziasu9 .uqz9 szaecz.wfw9 z.iakl9 zysv.nu9 peix.pye9 sk.xfww9 c.ga9 qe.aug9 bz.wxn9 xe.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1116-55-0x00000000768A1000-0x00000000768A3000-memory.dmp

Filesize
8KB

Download