4148f9149925b21d200d6610df24fb8ee61dce4bd4b0c9296bd09bc11b3ebdcb | Triage

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-en-20211208
submitted
14-12-2021 05:00

Sharing

Report Analysis Logs

General

Target

=?UTF-8?B?V09NIO2ajOyCrOyGjOqwnOyEnC5wZGY=?=.pdf
Size

11.4MB
MD5

fa12c21a7088d99607ff9675a7e3871d
SHA1

2a427fe08f3ee9b83bb3fefebf4d1a61f4522f2e
SHA256

4148f9149925b21d200d6610df24fb8ee61dce4bd4b0c9296bd09bc11b3ebdcb
SHA512

73ecdfb1ae24a8ea6460b4e53da1da6fd1cae2e7cf2d9eee15b15d8e5b2a806ae8450a8611418cbaa3dd835023e2f370a2ed82bc91768bceb22bc2f9a83fb7f7

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1944 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1944 AcroRd32.exe
1944 AcroRd32.exe
1944 AcroRd32.exe
1944 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\=_UTF-8_B_V09NIO2ajOyCrOyGjOqwnOyEnC5wZGY=_=.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1944

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1944-55-0x00000000760F1000-0x00000000760F3000-memory.dmp

Filesize
8KB

Download