064903e907169830737061df5f0484c18cd8088f949167ac634886ee8e5da64d | Triage

Analysis

max time kernel
150s
max time network
124s
platform
windows7_x64
resource
win7-en-20211104
submitted
07-11-2021 19:09

Sharing

Report Analysis Logs

General

Target

97326756104* 8505769387538055513* 15054419216726831923255771* 692979056941182797317897805111* 949862.pdf
Size

109KB
MD5

33952d23cc746628e6f7835bddc6a82b
SHA1

02bd01526bbde8227ca1126b7bda0304c110059e
SHA256

064903e907169830737061df5f0484c18cd8088f949167ac634886ee8e5da64d
SHA512

0b179867f645e3ca390517c576d808422f3abb174f2238855d776db640d92e854a2a2c2da7c0235befe92f5e8fde0f4dbc311ef95c363d2a8889e9e9023ecadc

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1196 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1196 AcroRd32.exe
1196 AcroRd32.exe
1196 AcroRd32.exe
1196 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\97326756104_ 8505769387538055513_ 15054419216726831923255771_ 692979056941182797317897805111_ 949862.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1196

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1196-55-0x0000000075801000-0x0000000075803000-memory.dmp

Filesize
8KB

Download