847cc7dffaa79555394b900f70167d5f68846711cdee212ee16d8553f0a4e312 | Triage

Analysis

max time kernel
151s
max time network
125s
platform
windows7_x64
resource
win7-en-20211208
submitted
19-02-2022 22:07

Sharing

Report Analysis Logs

General

Target

847cc7dffaa79555394b900f70167d5f68846711cdee212ee16d8553f0a4e312.pdf
Size

768KB
MD5

c4380b4cd776bbe06528e70d5554ff63
SHA1

1fd9fda7c2f7887d3e31e8ad9c1ce8ca90bbaea4
SHA256

847cc7dffaa79555394b900f70167d5f68846711cdee212ee16d8553f0a4e312
SHA512

5ca7b6e17dde2be994dfbfe2e3241a2ac00e0c8a1cb88a892729b88921f2211457489bfc1bfe8205957273e0736635f4313592254132d54c9003796bd6f9a97b

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1640 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1640 AcroRd32.exe
1640 AcroRd32.exe
1640 AcroRd32.exe
1640 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\847cc7dffaa79555394b900f70167d5f68846711cdee212ee16d8553f0a4e312.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1640

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1640-54-0x0000000075531000-0x0000000075533000-memory.dmp

Filesize
8KB

Download