13ad84b1c893f6b628c622b74bd1e300ff0b4a561ed4d5341c67cf5646a1a628 | Triage

Analysis

max time kernel
154s
max time network
122s
platform
windows7_x64
resource
win7-en-20211208
submitted
30-01-2022 16:21

Sharing

Report Analysis Logs

General

Target

13ad84b1c893f6b628c622b74bd1e300ff0b4a561ed4d5341c67cf5646a1a628.pdf
Size

67KB
MD5

33029135af3f1af215723909403653c4
SHA1

92eff5f9c7a173fc24fddd3b0e6a1960628c5dc8
SHA256

13ad84b1c893f6b628c622b74bd1e300ff0b4a561ed4d5341c67cf5646a1a628
SHA512

45474553f61caeed49646004f4851d6141ae8c4a6f77764ca35e73289db38d955e1f4742b4f7e6c3771e93c32ba628092515972c612efed274b9547d645b220f

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1468 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1468 AcroRd32.exe
1468 AcroRd32.exe
1468 AcroRd32.exe
1468 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\13ad84b1c893f6b628c622b74bd1e300ff0b4a561ed4d5341c67cf5646a1a628.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1468

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1468-54-0x0000000075CE1000-0x0000000075CE3000-memory.dmp

Filesize
8KB

Download