627a0821f36d7457dce7fd79ad76ccc3d6d58b90680123864a2daf901fc22769 | Triage

Analysis

max time kernel
153s
max time network
125s
platform
windows7_x64
resource
win7-en-20211208
submitted
01-02-2022 06:09

Sharing

Report Analysis Logs

General

Target

627a0821f36d7457dce7fd79ad76ccc3d6d58b90680123864a2daf901fc22769.pdf
Size

45KB
MD5

c66c308cb286cd1b3c464d4d645cbeb1
SHA1

e10a92cd490ce19d99a6ff58cd430da4910fd622
SHA256

627a0821f36d7457dce7fd79ad76ccc3d6d58b90680123864a2daf901fc22769
SHA512

20e7bb3ebdad068b51dbdc1038b9d44d1c320825bf1c4b34d3b41c98c1472e0a1d9ced06200e5cfe6e5d687bcc87c17cceb7faeed34da389386cc635bc9f225a

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1680 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1680 AcroRd32.exe
1680 AcroRd32.exe
1680 AcroRd32.exe
1680 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\627a0821f36d7457dce7fd79ad76ccc3d6d58b90680123864a2daf901fc22769.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1680

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1680-54-0x00000000766D1000-0x00000000766D3000-memory.dmp

Filesize
8KB

Download