9322b5cf1ba09c77e11aea67239209b442e0b49aef4acfb0e3336b2f27242468 | Triage

Analysis

max time kernel
152s
max time network
122s
platform
windows7_x64
resource
win7-en-20211104
submitted
20-11-2021 19:53

Sharing

Report Analysis Logs

General

Target

sipt28p.pdf
Size

4.7MB
MD5

19ab99166a394ab2e92768342a796653
SHA1

b0da5fc7f7f4237ab7679effeb6b8bf4c1e413db
SHA256

9322b5cf1ba09c77e11aea67239209b442e0b49aef4acfb0e3336b2f27242468
SHA512

158f9bd7abf5d1fe88a9a782fc6ba5e1777e4c89fa0411c9d31617c21abf53622037a3e423f6eb0d3cdf48a8f80aed3fbbeaceec89c4a965d5406ab70c2c8315

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

764 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

764 AcroRd32.exe
764 AcroRd32.exe
764 AcroRd32.exe
764 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\sipt28p.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:764

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/764-55-0x0000000075BB1000-0x0000000075BB3000-memory.dmp

Filesize
8KB

Download