75d5493c4180238c7f44c922684673c57d1013e644d259c34fafb9991898f476 | Triage

Analysis

max time kernel
155s
max time network
121s
platform
windows7_x64
resource
win7-en-20211014
submitted
07-11-2021 19:11

Sharing

Report Analysis Logs

General

Target

8290397494089771740o 96480360870o 68747704500991290355055617660o 397780630119o 0377821270o 978777328.pdf
Size

205KB
MD5

6b8ffc318e74208edc10fd32d6252bfa
SHA1

fc1756c5b974cd5b8ad369c3096d8f0ac88ba736
SHA256

75d5493c4180238c7f44c922684673c57d1013e644d259c34fafb9991898f476
SHA512

d5c35191b99be2d759812d59ef9ff1d3c75ef0559d506b048eca34d0d55da0d4d17f129f5379ecaa22a5f170812a03e2a5fa67580f772999985c4379657f1249

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

908 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

908 AcroRd32.exe
908 AcroRd32.exe
908 AcroRd32.exe
908 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8290397494089771740o 96480360870o 68747704500991290355055617660o 397780630119o 0377821270o 978777328.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:908

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/908-55-0x00000000768A1000-0x00000000768A3000-memory.dmp

Filesize
8KB

Download