f74199f59533fbbe57f0b2aae45c837b3ed5e4f5184e74c02e06c12c6535f0f9 | Triage

Analysis

max time kernel
153s
max time network
134s
platform
windows7_x64
resource
win7-en-20211208
submitted
01-02-2022 02:34

Sharing

Report Analysis Logs

General

Target

20200308-sitrep-48-covid-19.pdf
Size

836KB
MD5

faf5ef01f4a9bf2aba7ede67dcc5a2d4
SHA1

4e0c1a05360c6bebf903a708acf6792b13f43870
SHA256

2dd886cc041ea6e5e80880ccbbc54be42079598acf0c1e7e459616c3f9c0dd34
SHA512

443b8553c93e1390f5ec872f2a0d7a60fb6893fc47d8c36e6c846c3bb7cace0c6087c565f832d7a115387c982253ad0997275aafda7b74a37174448ebc2bdf9d

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

744 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

744 AcroRd32.exe
744 AcroRd32.exe
744 AcroRd32.exe
744 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\20200308-sitrep-48-covid-19.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/744-54-0x0000000075341000-0x0000000075343000-memory.dmp

Filesize
8KB

Download