a7358bb72d70cb4e90011f26b15ede41af271e63fe584635d8b638ec6e7babda | Triage

Analysis

max time kernel
154s
max time network
142s
platform
windows7_x64
resource
win7-en-20211208
submitted
21-01-2022 23:22

Sharing

Report Analysis Logs

General

Target

a7358bb72d70cb4e90011f26b15ede41af271e63fe584635d8b638ec6e7babda.pdf
Size

67KB
MD5

290400014dd47271d6ed315d488f4b62
SHA1

70015609f797da3bbcacd2dcf6b0c6eca994fb21
SHA256

a7358bb72d70cb4e90011f26b15ede41af271e63fe584635d8b638ec6e7babda
SHA512

fc795c0325987bf7f3c5a6f0429dfc69be7e8e4177dd73b8b02d9d83cb01e3340b153bc872c1ca0197957c8ab27519e514a0974e911f3c39db1c7e8e08236aec

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1512 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1512 AcroRd32.exe
1512 AcroRd32.exe
1512 AcroRd32.exe
1512 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a7358bb72d70cb4e90011f26b15ede41af271e63fe584635d8b638ec6e7babda.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1512

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1512-55-0x0000000075191000-0x0000000075193000-memory.dmp

Filesize
8KB

Download