30d259726d41c37647d03a48e3e4584345876f21d9a7da6bf05f9fd6425d76b3 | Triage

Analysis

max time kernel
157s
max time network
119s
platform
windows7_x64
resource
win7-en-20211014
submitted
07-11-2021 19:11

Sharing

Report Analysis Logs

General

Target

04359755743620021715002731956o 993344262420154337047o 504444506631885594867o 97443046284541020635901.pdf
Size

130KB
MD5

1485e4dc0f84726ad4b8b340d540e7be
SHA1

378715d684dc1d7d74a47beab2e3c862925680f5
SHA256

30d259726d41c37647d03a48e3e4584345876f21d9a7da6bf05f9fd6425d76b3
SHA512

9f4658437d09f27d304747f6db9f2e1a66476d6078b3ba5f8f222d3ba100f50be8286834a6b0bd9667761190814eb10d52e9d0aa086c6902580a34583f5586db

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1588 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1588 AcroRd32.exe
1588 AcroRd32.exe
1588 AcroRd32.exe
1588 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\04359755743620021715002731956o 993344262420154337047o 504444506631885594867o 97443046284541020635901.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1588

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1588-55-0x0000000075C21000-0x0000000075C23000-memory.dmp

Filesize
8KB

Download