dbd3cd3680906bad2ff0e729cb233132c7e6d7cadeb75de3439258568b614e6a | Triage

Analysis

max time kernel
152s
max time network
117s
platform
windows7_x64
resource
win7-en-20211104
submitted
07-11-2021 19:10

Sharing

Report Analysis Logs

General

Target

958347055205621700449740o 4852055245019831324131075o 228615864390803059918832974o 379324002128768677.pdf
Size

129KB
MD5

d9425d8d1ca227131d342801f44c10cb
SHA1

25cfc1420ccd149adf5d8994cc7044c6c4daf690
SHA256

dbd3cd3680906bad2ff0e729cb233132c7e6d7cadeb75de3439258568b614e6a
SHA512

0f473ee9eb3530f49beb931f0a72722398fb9746364358791ed79bd59ad78a36a47a2c23364e39168b0e9669dad2f8fcfd5b922932559efc2d9efe47defbeddd

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

824 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

824 AcroRd32.exe
824 AcroRd32.exe
824 AcroRd32.exe
824 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\958347055205621700449740o 4852055245019831324131075o 228615864390803059918832974o 379324002128768677.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:824

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/824-55-0x0000000075C51000-0x0000000075C53000-memory.dmp

Filesize
8KB

Download