b6ae8c9260cff29eafc3d5b4e1bb37473038eeb2e1338eaf94b588d674489799 | Triage

Analysis

max time kernel
151s
max time network
124s
platform
windows7_x64
resource
win7-en-20211208
submitted
19-02-2022 21:32

Sharing

Report Analysis Logs

General

Target

b6ae8c9260cff29eafc3d5b4e1bb37473038eeb2e1338eaf94b588d674489799.pdf
Size

671KB
MD5

3d019ede3100c29abea7a7d3f05c642b
SHA1

7079cb838190c045604124655e8b62f95fbd94a6
SHA256

b6ae8c9260cff29eafc3d5b4e1bb37473038eeb2e1338eaf94b588d674489799
SHA512

4d78df3cb3d4452cb81d90a9822f30b39774ed9a628be17b30c4b02c7b308995685ac0b6f6a670619209ae74d223fada36f60cb362f3c7ad388cae7803b24e01

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1684 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1684 AcroRd32.exe
1684 AcroRd32.exe
1684 AcroRd32.exe
1684 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b6ae8c9260cff29eafc3d5b4e1bb37473038eeb2e1338eaf94b588d674489799.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1684

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1684-54-0x0000000076421000-0x0000000076423000-memory.dmp

Filesize
8KB

Download