Resubmissions

03-12-2021 21:14

211203-z3jf4ahddm 3

03-12-2021 21:09

211203-zzmz4shddj 3

Analysis

  • max time kernel
    35s
  • max time network
    1s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    03-12-2021 21:14

General

  • Target

    unpack001/DEUDA POR CANCELAR Nro. 0068967 Transporte Empresarial y Turistico Carines.pdf

  • Size

    253KB

  • MD5

    b8f69c317f7cf0d18a3521db7c81a9e7

  • SHA1

    c53d54b9aa46c05ca2f62692ee4a2294db208833

  • SHA256

    e16b38a67298a1973a19460f17b892394fdfa3588f7c00f287ab98bb2baf4154

  • SHA512

    3720ff63909c00b21b80295a2dd0554429233c43254a3f92f4395a208a03936a2441d8caa91ea1a93e4d0ba1c0ba3fb6745cf0e35edef10fd5f40bb9469fe834

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\unpack001\DEUDA POR CANCELAR Nro. 0068967 Transporte Empresarial y Turistico Carines.pdf"
    • Suspicious use of SetWindowsHookEx
    PID:1116

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1116-55-0x00000000762D1000-0x00000000762D3000-memory.dmp

    Filesize

    8KB