4077a68122cb42cec3f6901e13e875683144a440d17e2062dbe30ba3fa7a6bcc | Triage

Analysis

max time kernel
152s
max time network
123s
platform
windows7_x64
resource
win7-en-20211014
submitted
08-11-2021 19:09

Sharing

Report Analysis Logs

General

Target

skal 1954154195114917848180139981470* 01891400601575544851444308090* 25874747778429489* 371302588195.pdf
Size

183KB
MD5

60d2b3396993d2a405d2fb358a52eae7
SHA1

693a9a5f900b81849c3cc4134527084080e47f1f
SHA256

4077a68122cb42cec3f6901e13e875683144a440d17e2062dbe30ba3fa7a6bcc
SHA512

eb3e7e8dabc22fbaab90c2094943dba69cfc7ae56752528a99eb6460acc98a6de2a1ac1aafcc81e65804914f33b14f3c6930f6a304549adf5273059fe29a7370

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1748 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1748 AcroRd32.exe
1748 AcroRd32.exe
1748 AcroRd32.exe
1748 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\skal 1954154195114917848180139981470_ 01891400601575544851444308090_ 25874747778429489_ 371302588195.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1748

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1748-55-0x0000000075B71000-0x0000000075B73000-memory.dmp

Filesize
8KB

Download