d405c57503652f93c7e8738fb45fe14ba52fb6979cd2e08104a342452b1aa0d6 | Triage

Analysis

max time kernel
118s
max time network
138s
platform
windows7_x64
resource
win7-en-20211208
submitted
26-01-2022 15:11

Sharing

Report Analysis Logs

General

Target

ADUANAS COBRO JURIDICOS.pdf
Size

114KB
MD5

c288134cc32c5485299fe4a74f7edaa3
SHA1

8559d0f2852ad38a3f3c568beee50e94a10099d9
SHA256

d405c57503652f93c7e8738fb45fe14ba52fb6979cd2e08104a342452b1aa0d6
SHA512

c9683c617adf146a8bdd19251c2da6d58df745d47fe9205872efab012f78f364d8ecf936e2ca62a4f4e4b4e450330e7469f2b9820ab886b84b6406bf3ab1946b

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

320 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

AcroRd32.exe

pid process

320 AcroRd32.exe
320 AcroRd32.exe
320 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ADUANAS COBRO JURIDICOS.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:320

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/320-54-0x0000000075F21000-0x0000000075F23000-memory.dmp

Filesize
8KB

Download