4116201cf446428b2f1452b3adb01eb61b0a5d2ee1d021329e8f0f1464615c20 | Triage

Analysis

max time kernel
151s
max time network
117s
platform
windows7_x64
resource
win7-en-20211104
submitted
07-11-2021 19:07

Sharing

Report Analysis Logs

General

Target

1053462082051178o 98157361572962813252925o 59192882087694o 8375203917659899713725o 92450063917231o 1.pdf
Size

203KB
MD5

543f852db4bddbf366a59a8edd105dae
SHA1

4672b48af9f7a759764872e75f5a6590483faf77
SHA256

4116201cf446428b2f1452b3adb01eb61b0a5d2ee1d021329e8f0f1464615c20
SHA512

3e53f48bf5baa9edecdd341b4b8341037848ab1494c25576014a18641496d831828e5a705b0055546fe4783d28ed33080d7a23ab63fd0b765a9004e81f49f985

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1924 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1924 AcroRd32.exe
1924 AcroRd32.exe
1924 AcroRd32.exe
1924 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1053462082051178o 98157361572962813252925o 59192882087694o 8375203917659899713725o 92450063917231o 1.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1924

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1924-55-0x0000000076351000-0x0000000076353000-memory.dmp

Filesize
8KB

Download