ModuloConfermaIndirizzo_2016_56.zip

General
Target

ModuloConfermaIndirizzo_2016_56.pdf

Filesize

89KB

Completed

16-11-2021 12:06

Score
1/10
MD5

3e4e9232f4a973055eef13a2692ffc54

SHA1

94cc703064b56a0416d884be1bf6a2edb66521c1

SHA256

445f1576ff067209bd366064032e5826ef4b3b0e6b299184443053be75e49289

Malware Config
Signatures 2

Filter: none

  • Suspicious behavior: GetForegroundWindowSpam
    AcroRd32.exe

    Reported IOCs

    pidprocess
    556AcroRd32.exe
  • Suspicious use of SetWindowsHookEx
    AcroRd32.exe

    Reported IOCs

    pidprocess
    556AcroRd32.exe
    556AcroRd32.exe
    556AcroRd32.exe
    556AcroRd32.exe
Processes 1
  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ModuloConfermaIndirizzo_2016_56.pdf"
    Suspicious behavior: GetForegroundWindowSpam
    Suspicious use of SetWindowsHookEx
    PID:556
Network
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Replay Monitor
                          00:00 00:00
                          Downloads
                          • memory/556-55-0x00000000754A1000-0x00000000754A3000-memory.dmp