Analysis

  • max time kernel
    155s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    02-11-2021 19:12

General

  • Target

    open and click kanrt9 w.rjybg9 hw.sv9 nmdf.js9 vthhujie.9 rtzh.vc9 kgk.9 xphqs.z9 uibgb9 yuxj.wj9 dp.pdf

  • Size

    163KB

  • MD5

    2d72d69f803375679a28d461545001bf

  • SHA1

    f6c6a8620cd85ba87598862b75108d8c887f6772

  • SHA256

    7459cdc152530c54a33866af2e6bbaf970e63457c23bcc99c4e75fd3e98eb28c

  • SHA512

    7bd551ba7ca019232cf136b3f7f2876060db3df17be9ac1b342d4d7a1ecaf2a9b6af4e95c2a1e685cdabe6226dc735e2be5abf87c716371648e6b1645c4e5678

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\open and click kanrt9 w.rjybg9 hw.sv9 nmdf.js9 vthhujie.9 rtzh.vc9 kgk.9 xphqs.z9 uibgb9 yuxj.wj9 dp.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1124

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1124-55-0x0000000075F41000-0x0000000075F43000-memory.dmp

    Filesize

    8KB