Overview

overview

10

Static

static

10

01/2015.5.27/01.vir

windows7_x64

3

01/2015.5.27/01.vir

windows10_x64

3

PER-DCOMP-...ao.dll

windows7_x64

1

PER-DCOMP-...ao.dll

windows10_x64

1

01/2015.5.27/03.exe

windows7_x64

8

01/2015.5.27/03.exe

windows10_x64

8

01/2015.5.27/04.exe

windows7_x64

1

01/2015.5.27/04.exe

windows10_x64

1

01/2015.5.27/05.exe

windows7_x64

10

01/2015.5.27/05.exe

windows10_x64

10

01/2015.5.27/07.exe

windows7_x64

7

01/2015.5.27/07.exe

windows10_x64

7

01/2015.5.27/09.exe

windows7_x64

10

01/2015.5.27/09.exe

windows10_x64

10

01/2015.5.27/10.exe

windows7_x64

10

01/2015.5.27/10.exe

windows10_x64

10

01/2015.5.27/12.pdf

windows7_x64

1

01/2015.5.27/12.pdf

windows10_x64

1

01/2015.5.27/13.pdf

windows7_x64

1

01/2015.5.27/13.pdf

windows10_x64

1

01/2015.5.27/14.exe

windows7_x64

8

01/2015.5.27/14.exe

windows10_x64

8

01/2015.5.27/15.dll

windows7_x64

1

01/2015.5.27/15.dll

windows10_x64

1

01/2015.5.27/16.rtf

windows7_x64

10

01/2015.5.27/16.rtf

windows10_x64

1

01/2015.5.27/17.pdf

windows7_x64

1

01/2015.5.27/17.pdf

windows10_x64

1

01/2015.5.27/18.doc

windows7_x64

1

01/2015.5.27/18.doc

windows10_x64

1

Analysis

  • max time kernel
    158s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    28-01-2022 13:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    01/2015.5.27/12.pdf

  • Size

    188KB

  • MD5

    42c7e182b17036e117f6119582ab9f53

  • SHA1

    494ca78104a76bb0c8acae01668da4fa3d9c7680

  • SHA256

    7a08c9a6765b4ded3c8089b834f524f2c7cc7b5400278eabba16db8f1c1d54e2

  • SHA512

    9766547666d99c9344f422179529144c436b85267026cbb916b48ff63bdf78ca2d51c204f6bd53e4f1c865e2043fc90987ff454245d3648d5f5f4a4a76c30d7e

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\01\2015.5.27\12.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1616-55-0x0000000076921000-0x0000000076923000-memory.dmp
    Filesize

    8KB

    Download