96939236f78fc1390f0eaf25d2e09e2c54e5a29784234f4d7192b01b452aef1b | Triage

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-en-20211208
submitted
19-01-2022 13:51

Sharing

Report Analysis Logs

General

Target

wcms_760306.pdf
Size

7.8MB
MD5

0c90ff6d31b0e9257a6464df5af1719a
SHA1

8729bcfe064f35191781be04859d4e2860d8cb4b
SHA256

96939236f78fc1390f0eaf25d2e09e2c54e5a29784234f4d7192b01b452aef1b
SHA512

458593d9f01ada5b207fc88c9dea75c1b6a385ee1748f817282a1805bdb31637f182f1c5a6cb9dce197ee339cae15a27cc86379e5e23f997f6bccdbd165503bb

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1640 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1640 AcroRd32.exe
1640 AcroRd32.exe
1640 AcroRd32.exe
1640 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\wcms_760306.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1640

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1640-54-0x0000000075531000-0x0000000075533000-memory.dmp

Filesize
8KB

Download