b3488ce3546e22ec56fa048de1ce2440b50e33e9d513dea2f51a6246a9df774c.pdf

General
Target

b3488ce3546e22ec56fa048de1ce2440b50e33e9d513dea2f51a6246a9df774c.pdf

Filesize

984KB

Completed

24-11-2021 15:07

Score
1/10
MD5

3c5e75bc707edf5cf7e4906d9576582c

SHA1

45c3ddf74581fc0a2a9af9b3fbbf69229f986609

SHA256

b3488ce3546e22ec56fa048de1ce2440b50e33e9d513dea2f51a6246a9df774c

Malware Config
Signatures 2

Filter: none

  • Suspicious behavior: GetForegroundWindowSpam
    AcroRd32.exe

    Reported IOCs

    pidprocess
    652AcroRd32.exe
  • Suspicious use of SetWindowsHookEx
    AcroRd32.exe

    Reported IOCs

    pidprocess
    652AcroRd32.exe
    652AcroRd32.exe
    652AcroRd32.exe
    652AcroRd32.exe
Processes 1
  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b3488ce3546e22ec56fa048de1ce2440b50e33e9d513dea2f51a6246a9df774c.pdf"
    Suspicious behavior: GetForegroundWindowSpam
    Suspicious use of SetWindowsHookEx
    PID:652
Network
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Replay Monitor
                          00:00 00:00
                          Downloads
                          • memory/652-55-0x0000000076241000-0x0000000076243000-memory.dmp