Overview

overview

4

Static

static

3

ModuloConferma...56.pdf

windows7_x64

1

ModuloConferma...56.pdf

windows10_x64

4

Resubmissions

16-11-2021 12:04

211116-n8q8cadfh8 4

16-11-2021 11:58

211116-n5f8zadfg9 3

16-11-2021 11:55

211116-n3qpmaaffn 4

Analysis

  • max time kernel
    151s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    16-11-2021 12:04

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ModuloConfermaIndirizzo_2016_56.pdf

  • Size

    89KB

  • MD5

    3e4e9232f4a973055eef13a2692ffc54

  • SHA1

    94cc703064b56a0416d884be1bf6a2edb66521c1

  • SHA256

    445f1576ff067209bd366064032e5826ef4b3b0e6b299184443053be75e49289

  • SHA512

    e6958ff09ca3ac3e826ce80d91c319d67390af75632a1012694799999ab9fd6b9a00e147b62fcd681fca76502a0fa2ff345af97e7754d3dea3c4c9611258dca6

Score
1/10

Malware Config

Signatures 2

  • Suspicious behavior: GetForegroundWindowSpam ⋅ 1 IoCs
  • Suspicious use of SetWindowsHookEx ⋅ 4 IoCs

Processes 1

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ModuloConfermaIndirizzo_2016_56.pdf"
    Suspicious behavior: GetForegroundWindowSpam
    Suspicious use of SetWindowsHookEx
    PID:556

Network

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Discovery

            Execution

              Exfiltration

                Impact

                  Initial Access

                    Lateral Movement

                      Persistence

                        Privilege Escalation

                          Replay Monitor

                          00:00 00:00

                          Downloads

                          • memory/556-55-0x00000000754A1000-0x00000000754A3000-memory.dmp
                            Download