96b279e1d8074821392b8f01c40981b7d4dc061eadad98305208000afba130ef | Triage

Analysis

max time kernel
153s
max time network
127s
platform
windows7_x64
resource
win7-en-20211208
submitted
21-01-2022 23:27

Sharing

Report Analysis Logs

General

Target

96b279e1d8074821392b8f01c40981b7d4dc061eadad98305208000afba130ef.pdf
Size

67KB
MD5

e95b50d462bec50ead081c4e2b94202b
SHA1

e777927c55a18f4427872c462df1f727ae4cc76c
SHA256

96b279e1d8074821392b8f01c40981b7d4dc061eadad98305208000afba130ef
SHA512

0c4cb3b28f8d5b1714f83c5bab3be7cc0d46da9f2303108579a778e6333e5da3ce5c60b74a12e57bb071d9abcca1de9898b3e4f9b3ee267a5f9bef71b1656fdd

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1516 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1516 AcroRd32.exe
1516 AcroRd32.exe
1516 AcroRd32.exe
1516 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\96b279e1d8074821392b8f01c40981b7d4dc061eadad98305208000afba130ef.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1516-54-0x0000000075601000-0x0000000075603000-memory.dmp

Filesize
8KB

Download