25333e5ed6e24982e22828bfc0571470fafe2b0bc465def9617c3030dae1d2cc | Triage

Analysis

max time kernel
151s
max time network
121s
platform
windows7_x64
resource
win7-en-20211104
submitted
07-11-2021 19:09

Sharing

Report Analysis Logs

General

Target

31451808750o 02872363041174238370610130061o 095453046112354186465213826420o 366027071037413963040252.pdf
Size

205KB
MD5

6ce147b04911ebf44a63f8bcea264a3f
SHA1

4a01c4352bfe5f7ad360241c9953c42e9b4464e9
SHA256

25333e5ed6e24982e22828bfc0571470fafe2b0bc465def9617c3030dae1d2cc
SHA512

f27eb65875c465c65e4c82b88c62938b4d7e4d576f569fe9836493bfa3d71989ea2f2b929992ce17845d175e88dc785b25a654e2f66f794dc19b8f0563f620aa

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1712 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1712 AcroRd32.exe
1712 AcroRd32.exe
1712 AcroRd32.exe
1712 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\31451808750o 02872363041174238370610130061o 095453046112354186465213826420o 366027071037413963040252.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1712

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1712-55-0x0000000074E51000-0x0000000074E53000-memory.dmp

Filesize
8KB

Download