412f5f0a630cb10a947010d77b60bc78e8e391f3fd9a243114b1463f52cf90c6 | Triage

Analysis

max time kernel
151s
max time network
131s
platform
windows7_x64
resource
win7-en-20211014
submitted
07-11-2021 19:08

Sharing

Report Analysis Logs

General

Target

074808401593967485110311o 923989568740471081414146o 662260312221284775422016589o 8778662880067630725.pdf
Size

204KB
MD5

8e6bdccb8c8db4adca1c3aa04eb865ad
SHA1

a1b95878762b86c0b8c8eeb0b9c4ad1d81a805a8
SHA256

412f5f0a630cb10a947010d77b60bc78e8e391f3fd9a243114b1463f52cf90c6
SHA512

3aea25bdbdd0bb491606ec82043e4f8c7d6ea45a03d6ea0143d483600df5c042b185dceab8e9019bbddb5d9ac3b8f90164de18d473db79dd7caa0a131e06a090

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1336 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1336 AcroRd32.exe
1336 AcroRd32.exe
1336 AcroRd32.exe
1336 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\074808401593967485110311o 923989568740471081414146o 662260312221284775422016589o 8778662880067630725.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1336

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1336-55-0x0000000076531000-0x0000000076533000-memory.dmp

Filesize
8KB

Download