271085d146dfdb2c221a1ecaf4c6c01a6eae70e9cea441968691ba130415952c | Triage

Analysis

max time kernel
133s
max time network
121s
platform
windows7_x64
resource
win7-en-20211208
submitted
28-12-2021 16:09

Sharing

Report Analysis Logs

General

Target

ATT72143.pdf
Size

119KB
MD5

6ffb8bfdd3f9e27729aaea208872d2b7
SHA1

5e0af2e3fa688a186107541618feb1d6eaf4214c
SHA256

271085d146dfdb2c221a1ecaf4c6c01a6eae70e9cea441968691ba130415952c
SHA512

212f66e53c4efab76831e59ed40f3d57c849b32f35baaf71d0077b67978f0a33d425a469311a2085feeff7ad64d8d7e55337a79e750ae4d91a3262a065db76ed

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1580 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1580 AcroRd32.exe
1580 AcroRd32.exe
1580 AcroRd32.exe
1580 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ATT72143.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1580

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1580-54-0x0000000075AE1000-0x0000000075AE3000-memory.dmp

Filesize
8KB

Download