Analysis

  • max time kernel
    151s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    16-11-2021 12:04

General

  • Target

    ModuloConfermaIndirizzo_2016_56.pdf

  • Size

    89KB

  • MD5

    3e4e9232f4a973055eef13a2692ffc54

  • SHA1

    94cc703064b56a0416d884be1bf6a2edb66521c1

  • SHA256

    445f1576ff067209bd366064032e5826ef4b3b0e6b299184443053be75e49289

  • SHA512

    e6958ff09ca3ac3e826ce80d91c319d67390af75632a1012694799999ab9fd6b9a00e147b62fcd681fca76502a0fa2ff345af97e7754d3dea3c4c9611258dca6

Score
1/10

Malware Config

Signatures 2

  • Suspicious behavior: GetForegroundWindowSpam ⋅ 1 IoCs
  • Suspicious use of SetWindowsHookEx ⋅ 4 IoCs
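The two signatures above are behavioural heuristics the sandbox raises from the API-call trace of AcroRd32.exe: repeated GetForegroundWindow polling (a common check for user activity or sandbox idleness) and calls to SetWindowsHookEx (message or keyboard hooks). The report does not show the sandbox's own rule logic. The Python below is an added illustration, not the sandbox's code: it re-implements both checks over a constructed, tab-separated API trace and assumes a spam threshold of 100 calls per process and an IoC-counting rule (one IoC per spamming process, one IoC per SetWindowsHookEx call) chosen to reproduce the counts shown in this report.

```python
"""Illustrative re-implementation of two sandbox behavioural signatures.

Assumptions (not taken from the report):
  * trace format: one API call per line, "<pid>\\t<api>\\t<argument summary>"
  * GetForegroundWindowSpam fires once per process that calls
    GetForegroundWindow at least FOREGROUND_SPAM_THRESHOLD times
  * "Suspicious use of SetWindowsHookEx" yields one IoC per hook call
"""
from collections import Counter, defaultdict

# Assumed threshold; the real sandbox value is not stated in the report.
FOREGROUND_SPAM_THRESHOLD = 100

HOOK_APIS = {"SetWindowsHookExA", "SetWindowsHookExW"}

SPAM_SIG = "Suspicious behavior: GetForegroundWindowSpam"
HOOK_SIG = "Suspicious use of SetWindowsHookEx"


def build_sample_trace() -> str:
    """Constructed API trace for PID 556 (Adobe Reader) plus a benign process.

    This is synthetic data written for the example, not output of the sandbox.
    """
    lines = []
    # PID 556 polls the foreground window in a tight loop (120 calls).
    lines += ["556\tGetForegroundWindow\t"] * 120
    # Four hook installations, matching the 4 IoCs reported on the page.
    lines += [
        "556\tSetWindowsHookExW\tidHook=WH_GETMESSAGE dwThreadId=1234",
        "556\tSetWindowsHookExW\tidHook=WH_CALLWNDPROC dwThreadId=1234",
        "556\tSetWindowsHookExW\tidHook=WH_KEYBOARD dwThreadId=1234",
        "556\tSetWindowsHookExA\tidHook=WH_MOUSE dwThreadId=1234",
    ]
    # Unrelated file access on the same PID (should not affect either signature).
    lines += ["556\tCreateFileW\tC:\\Users\\Admin\\AppData\\Local\\Temp\\sample.pdf"]
    # A second process that calls GetForegroundWindow only a few times: no hit.
    lines += ["1020\tGetForegroundWindow\t"] * 3
    return "\n".join(lines) + "\n"


def parse_trace(text: str):
    """Yield (pid, api, args) tuples; skips blank and malformed lines."""
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = line.split("\t", 2)
        if len(parts) < 2:
            continue  # malformed: no API name
        pid, api = parts[0], parts[1]
        args = parts[2] if len(parts) == 3 else ""
        yield pid, api, args


def evaluate_signatures(text: str, threshold: int = FOREGROUND_SPAM_THRESHOLD) -> dict:
    """Return {pid: {signature_name: ioc_count}} for the processes that hit."""
    fg_calls = Counter()
    hook_calls = defaultdict(list)
    for pid, api, args in parse_trace(text):
        if api == "GetForegroundWindow":
            fg_calls[pid] += 1
        elif api in HOOK_APIS:
            hook_calls[pid].append(args)

    results: dict = {}
    for pid, count in fg_calls.items():
        if count >= threshold:
            # One IoC per spamming process, regardless of how many calls.
            results.setdefault(pid, {})[SPAM_SIG] = 1
    for pid, calls in hook_calls.items():
        # One IoC per SetWindowsHookEx call.
        results.setdefault(pid, {})[HOOK_SIG] = len(calls)
    return results


if __name__ == "__main__":
    for pid, sigs in evaluate_signatures(build_sample_trace()).items():
        for name, iocs in sigs.items():
            print(f"PID {pid}: {name} - {iocs} IoCs")
```

Run stand-alone it prints one line per (process, signature) pair in the same shape as the report's Signatures list. Note that both heuristics are weak on their own: a PDF reader installing message hooks and polling the foreground window is ordinary GUI behaviour, which is consistent with the 1/10 score above.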

Processes 1

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ModuloConfermaIndirizzo_2016_56.pdf"
    Suspicious behavior: GetForegroundWindowSpam
    Suspicious use of SetWindowsHookEx
    PID:556

Network

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation


Downloads

  • memory/556-55-0x00000000754A1000-0x00000000754A3000-memory.dmp