bc309cc87d14563131a1cb9605ebeecf1f1310bcf49a540fa753e0f59993c29e | Triage

Analysis

max time kernel
153s
max time network
121s
platform
windows7_x64
resource
win7-en-20211208
submitted
19-02-2022 21:29

Sharing

Report Analysis Logs

General

Target

bc309cc87d14563131a1cb9605ebeecf1f1310bcf49a540fa753e0f59993c29e.pdf
Size

709KB
MD5

c2ac9c87780e20e609ba8c99d736bec1
SHA1

264953c0133b1be33b99d625d0c27546e85012fd
SHA256

bc309cc87d14563131a1cb9605ebeecf1f1310bcf49a540fa753e0f59993c29e
SHA512

c707e20d581811b27b3caa3ff1f946e5b4f21b4422078ecac1f11d5979659da78f32db056808e2ba2b37ba2454ac586e237626336da0855f9f7eb41b812d1122

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1748 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1748 AcroRd32.exe
1748 AcroRd32.exe
1748 AcroRd32.exe
1748 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bc309cc87d14563131a1cb9605ebeecf1f1310bcf49a540fa753e0f59993c29e.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1748

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1748-54-0x0000000075761000-0x0000000075763000-memory.dmp

Filesize
8KB

Download