Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    13-01-2022 11:12

General

  • Target

    JOHN FINNEGAN.pdf

  • Size

    339KB

  • MD5

    f0b94ef4ec462dc0438917d9dd7376ba

  • SHA1

    5ee262f8dd37815a40b313543a45b4e2dfa59e75

  • SHA256

    e548c7afe7517c3915007e500a5a248f2c0b3c3068cb6acda75a1105554b7fc4

  • SHA512

    9f4bef8f3a26e7874a493ac4f586360bb69f9979ec136e64a50e3d447e3721ada66fa5d5fded6e110d19164c7b31518cd54def897a51e3af699135efdaa5f4c0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\JOHN FINNEGAN.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:536

Network

MITRE ATT&CK Matrix

Downloads

  • memory/536-55-0x00000000763B1000-0x00000000763B3000-memory.dmp
    Filesize

    8KB