56bbe8cce06d7a59a813a10dcbcbf393632f2f676505164529e197dbd6cf24f4 | Triage

Analysis

max time kernel
300s
max time network
122s
platform
windows7_x64
resource
win7-en-20211208
submitted
09-12-2021 14:47

Sharing

Report Analysis Logs

General

Target

261.pdf
Size

127KB
MD5

c2bcf27f583090e9da97dfd49df5b11c
SHA1

3c8e4f8918e0490b517809a44ed8e6ea616b4ef3
SHA256

56bbe8cce06d7a59a813a10dcbcbf393632f2f676505164529e197dbd6cf24f4
SHA512

93ef199184b0dc285b33e1b57a4a53ee4cde5a627f3577f1076f5429cd01703f50b5fe6f2c37e106d7efac18a9969c63d42a15af4e2be9cd8db1e42b44255e15

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

856 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

856 AcroRd32.exe
856 AcroRd32.exe
856 AcroRd32.exe
856 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\261.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:856

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/856-54-0x0000000075891000-0x0000000075893000-memory.dmp

Filesize
8KB

Download