2fcd16f96e06e860110d2303f87f932650f478c1b656f9fab43128edccf49451 | Triage

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-en-20211104
submitted
07-11-2021 19:11

Sharing

Report Analysis Logs

General

Target

3032589392178101455496o 520728121688346587536o 1808893140281398025295939o 32033885228186641524563530.pdf
Size

206KB
MD5

73ba559825cc984afde251a149c1e8e2
SHA1

b4ee6561b842c39c1607e9f6d59ac794e101117a
SHA256

2fcd16f96e06e860110d2303f87f932650f478c1b656f9fab43128edccf49451
SHA512

95e9a221e4f0d5fe0ea8f282afacaef971cedee8e7d2d762d32cfd8ccd5982ea8a6e8609bf5d9a6338d346ad9304afb1fa384e3254ff695754f8341ba3e4daac

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

332 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

332 AcroRd32.exe
332 AcroRd32.exe
332 AcroRd32.exe
332 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3032589392178101455496o 520728121688346587536o 1808893140281398025295939o 32033885228186641524563530.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:332

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/332-55-0x0000000075A01000-0x0000000075A03000-memory.dmp

Filesize
8KB

Download