4b2f28b066e2a35caeb4928a87b4fad3c1b5fecafb10925a2a5f183cda9d2332 | Triage

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-en-20211014
submitted
10-11-2021 14:47

Sharing

Report Analysis Logs

General

Target

4b2f28b066e2a35caeb4928a87b4fad3c1b5fecafb10925a2a5f183cda9d2332.pdf.000.pdf
Size

63KB
MD5

e2e0f6937b6eba8bf5c790b90bd86f9d
SHA1

b39a01841ff8f6708926e736672a1e18634698a1
SHA256

4b2f28b066e2a35caeb4928a87b4fad3c1b5fecafb10925a2a5f183cda9d2332
SHA512

899f901d900ce5532fd2c028516b076d4e4787f48c48d47a4108135d989dd20f99a47deee3d20597dc4d57a39a928185b9b94db02150553b6258814870840730

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

948 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

948 AcroRd32.exe
948 AcroRd32.exe
948 AcroRd32.exe
948 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4b2f28b066e2a35caeb4928a87b4fad3c1b5fecafb10925a2a5f183cda9d2332.pdf.000.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:948

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/948-55-0x00000000754F1000-0x00000000754F3000-memory.dmp

Filesize
8KB

Download