73b56e23da3fdb464096eab8a8ecc665e5bee8d3f6319ecb0b0a8cd6453d4b1c | Triage

Analysis

max time kernel
151s
max time network
125s
platform
windows7_x64
resource
win7-en-20211208
submitted
19-02-2022 22:18

Sharing

Report Analysis Logs

General

Target

73b56e23da3fdb464096eab8a8ecc665e5bee8d3f6319ecb0b0a8cd6453d4b1c.pdf
Size

652KB
MD5

de521f9e4bc6e934bb911f4db4a92d36
SHA1

7867045ba820b39945fd15eba420f542e198179f
SHA256

73b56e23da3fdb464096eab8a8ecc665e5bee8d3f6319ecb0b0a8cd6453d4b1c
SHA512

5db1a50c85429cf553f10ba49b8646d758e9f2c559f4c55d0a3769690a972db9d46523173a03c345eeeb6e5b10747e1fe1d1b31ca5717a1f2f66c81edeaa5fa5

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1612 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1612 AcroRd32.exe
1612 AcroRd32.exe
1612 AcroRd32.exe
1612 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\73b56e23da3fdb464096eab8a8ecc665e5bee8d3f6319ecb0b0a8cd6453d4b1c.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1612

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1612-54-0x0000000075D11000-0x0000000075D13000-memory.dmp

Filesize
8KB

Download