Overview

overview

3

Static

static

3

open and c....d.pdf

windows7_x64

1

open and c....d.pdf

windows10_x64

1

Analysis

  • max time kernel
    157s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    03-11-2021 03:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    open and click bercfjb9 ybr.v9 uhbknzq.9 ikcznv.f9 cbenpj9 .jfobct9 .bshrrnbko9 s.dkoso9 ga.tl9 wp.d.pdf

  • Size

    91KB

  • MD5

    3190fe08383e339f5f29e8c032157c65

  • SHA1

    e84af2e18c83fb20eb83e9ea6ca1b2b25703e764

  • SHA256

    68435d9e76ac9b3cb6076bec4bdb1897b8c8326b1d9d41ce26606af70d4c0067

  • SHA512

    a3e67c8941689c3bae626ac55bd980212c5d0f1be0e30c11362c017853132e13a35afdb32ea6a65e85d4ab0f650913ab301fa8c63ffc2eca17fa4f6d6b169510

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\open and click bercfjb9 ybr.v9 uhbknzq.9 ikcznv.f9 cbenpj9 .jfobct9 .bshrrnbko9 s.dkoso9 ga.tl9 wp.d.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1324-55-0x0000000074F21000-0x0000000074F23000-memory.dmp
    Filesize

    8KB

    Download