b3488ce3546e22ec56fa048de1ce2440b50e33e9d513dea2f51a6246a9df774c | Triage

Analysis

max time kernel
121s
max time network
124s
platform
windows7_x64
resource
win7-en-20211014
submitted
24-11-2021 15:04

Sharing

Report Analysis Logs

General

Target

b3488ce3546e22ec56fa048de1ce2440b50e33e9d513dea2f51a6246a9df774c.pdf
Size

984KB
MD5

3c5e75bc707edf5cf7e4906d9576582c
SHA1

45c3ddf74581fc0a2a9af9b3fbbf69229f986609
SHA256

b3488ce3546e22ec56fa048de1ce2440b50e33e9d513dea2f51a6246a9df774c
SHA512

186958961bb4d978462934ed0e06b7e9b364d740facbcf7c3c4c0462d6efbcb895c4f08e21d2223dfef97f6408456129a42e6485bad7691b654bdbd98282409c

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

652 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

652 AcroRd32.exe
652 AcroRd32.exe
652 AcroRd32.exe
652 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b3488ce3546e22ec56fa048de1ce2440b50e33e9d513dea2f51a6246a9df774c.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:652

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/652-55-0x0000000076241000-0x0000000076243000-memory.dmp

Filesize
8KB

Download