977ddc92e3c5a2bf4a144baf00568544d43914752687c8d8a230a1c95476831f | Triage

Analysis

max time kernel
155s
max time network
119s
platform
windows7_x64
resource
win7-en-20211208
submitted
02-02-2022 02:24

Sharing

Report Analysis Logs

General

Target

977ddc92e3c5a2bf4a144baf00568544d43914752687c8d8a230a1c95476831f.pdf
Size

72KB
MD5

b90be1be290be860d8a5be2b40ca7c08
SHA1

8d4ff0df8b8cfa300fb2d5ccd7003bd1d6d2ca23
SHA256

977ddc92e3c5a2bf4a144baf00568544d43914752687c8d8a230a1c95476831f
SHA512

eb603e0b5db0f62429bd5b673b2e6aff8df126fc25a967c39fa5274195e5bb1445d45a1686e5788b17381b51de5c596ce14fa477bf5b250833ae30b0f6f2491e

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1088 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1088 AcroRd32.exe
1088 AcroRd32.exe
1088 AcroRd32.exe
1088 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\977ddc92e3c5a2bf4a144baf00568544d43914752687c8d8a230a1c95476831f.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1088

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1088-54-0x0000000076C61000-0x0000000076C63000-memory.dmp

Filesize
8KB

Download