f8d84b35b6552db5356f557bf06704101833797b0e793916d42d75736c9307af | Triage

Analysis

max time kernel
150s
max time network
117s
platform
windows7_x64
resource
win7-en-20211208
submitted
24-01-2022 12:58

Sharing

Report Analysis Logs

General

Target

file.pdf
Size

2.4MB
MD5

8a041c5ec0a28e93783be82cc0b4d64a
SHA1

a0a9c418a7a8c0c7197508b9d90f55f360cdb712
SHA256

f8d84b35b6552db5356f557bf06704101833797b0e793916d42d75736c9307af
SHA512

efd92455214abc04a59c72df8aea45c9965360520d10e54affd30163e4edfec5043f721426e03be81abc638603225f1f1805b008e0122084a7f27abbfcf079df

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

836 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

836 AcroRd32.exe
836 AcroRd32.exe
836 AcroRd32.exe
836 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\file.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:836

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/836-54-0x0000000075D61000-0x0000000075D63000-memory.dmp

Filesize
8KB

Download