1ed0dfd145a9cd380d6123b16782c58639b097aa5df697d30f50c817365d5f38 | Triage

Analysis

max time kernel
152s
max time network
119s
platform
windows7_x64
resource
win7-en-20211104
submitted
07-11-2021 19:11

Sharing

Report Analysis Logs

General

Target

90802988488383124538745008o 21482540965o 7867601104935o 66576450886310325399264013o 4983890292634o 9.pdf
Size

129KB
MD5

fd62dee8094e9800dbcc755d91590a0a
SHA1

eeddf773536799fcf80cb63c3ae285dd94c170cd
SHA256

1ed0dfd145a9cd380d6123b16782c58639b097aa5df697d30f50c817365d5f38
SHA512

250573602b3d720b8decb3c3b2ba769ad7f2d2082e0583b24cc95c05f25b5fe1f7f5df533731df486aee3249e02b66ab2f209d55b54405a550397638c10210a0

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1512 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1512 AcroRd32.exe
1512 AcroRd32.exe
1512 AcroRd32.exe
1512 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\90802988488383124538745008o 21482540965o 7867601104935o 66576450886310325399264013o 4983890292634o 9.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1512

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1512-55-0x0000000076A21000-0x0000000076A23000-memory.dmp

Filesize
8KB

Download