3348ade24940a767e25a8a062a6f430f049af51e0fc594cbf14ca192aad36a11 | Triage

Analysis

max time kernel
152s
max time network
124s
platform
windows7_x64
resource
win7-en-20211208
submitted
11-02-2022 23:47

Sharing

Report Analysis Logs

General

Target

test1.pdf
Size

14KB
MD5

24454b424816b32c41ff3d8c492dfba1
SHA1

c5575d94426415acadb22ab773db324b594fc4a1
SHA256

3348ade24940a767e25a8a062a6f430f049af51e0fc594cbf14ca192aad36a11
SHA512

60f7fa743052d5d99825113afe94a1cdefb76b8578b2f39cba0c943a18efc26c272b186b2180e60412b3de6e9593ec9bfbb2e202aea7336d9f4bd10c6887912f

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

756 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

756 AcroRd32.exe
756 AcroRd32.exe
756 AcroRd32.exe
756 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\test1.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/756-54-0x0000000075531000-0x0000000075533000-memory.dmp

Filesize
8KB

Download