c8720164f73b6f8d35bb6d0c0e834dcad0fa10335df3c2a0225814496bc82197 | Triage

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-en-20211208
submitted
31-01-2022 15:54

Sharing

Report Analysis Logs

General

Target

c8720164f73b6f8d35bb6d0c0e834dcad0fa10335df3c2a0225814496bc82197.pdf
Size

38KB
MD5

1497ae48fdd7fdb2667c390b2a5deaa8
SHA1

e8f71b120add97d63c529d99b1b207c9ff93f5b0
SHA256

c8720164f73b6f8d35bb6d0c0e834dcad0fa10335df3c2a0225814496bc82197
SHA512

2744a96e394806e19dd4b754e793c874881f0e55c5d848b67fb849b1fd4924a8ec02724999ce1bad8a9e30d56c65d287da9792cc309968d3d6e830e7e98ff145

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1220 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1220 AcroRd32.exe
1220 AcroRd32.exe
1220 AcroRd32.exe
1220 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c8720164f73b6f8d35bb6d0c0e834dcad0fa10335df3c2a0225814496bc82197.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1220

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1220-53-0x0000000076071000-0x0000000076073000-memory.dmp

Filesize
8KB

Download