5eaa1f5305f4c25292dff29257cd3e14ba3f956f6f8ddb206c0ee3e09af8244e | Triage

Analysis

max time kernel
159s
max time network
130s
platform
windows7_x64
resource
win7-en-20211208
submitted
03-02-2022 09:43

Sharing

Report Analysis Logs

General

Target

5eaa1f5305f4c25292dff29257cd3e14ba3f956f6f8ddb206c0ee3e09af8244e.pdf
Size

30KB
MD5

2c182c48da297dcee3c7cafab4e46161
SHA1

d031305516b4791ec52a2bd03450d185c16e8dd0
SHA256

5eaa1f5305f4c25292dff29257cd3e14ba3f956f6f8ddb206c0ee3e09af8244e
SHA512

092b8c4cdbd27664551e3a2e5b1617bd2f9ea44b1c8ba8320bd833a9d99694e558ad8cbc3b947f7653c29d9cfcb48ca3381e9fe02f128399e263690f7ebcba4d

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

2032 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

2032 AcroRd32.exe
2032 AcroRd32.exe
2032 AcroRd32.exe
2032 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5eaa1f5305f4c25292dff29257cd3e14ba3f956f6f8ddb206c0ee3e09af8244e.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2032

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2032-55-0x0000000076641000-0x0000000076643000-memory.dmp

Filesize
8KB

Download