5481ba9e83ec03bd7b04e8fea3c5f68324e242fd9c837ed25b7904d9b883b79c | Triage

Analysis

max time kernel
150s
max time network
130s
platform
windows7_x64
resource
win7-en-20211208
submitted
19-02-2022 22:42

Sharing

Report Analysis Logs

General

Target

5481ba9e83ec03bd7b04e8fea3c5f68324e242fd9c837ed25b7904d9b883b79c.pdf
Size

253KB
MD5

5c857bf3cf52609ad072d6d74a4ed443
SHA1

42242770cfc7af57f86251f64f2d2a1b37dd319c
SHA256

5481ba9e83ec03bd7b04e8fea3c5f68324e242fd9c837ed25b7904d9b883b79c
SHA512

05bbddf13e9b13fb85eb9c301208fefdcda45d864fc5a45e01fd668f453c1d86d712c89647de7ecebcb2a1898965f7c6046f15348421b66553375b63b0d27d9a

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1204 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1204 AcroRd32.exe
1204 AcroRd32.exe
1204 AcroRd32.exe
1204 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5481ba9e83ec03bd7b04e8fea3c5f68324e242fd9c837ed25b7904d9b883b79c.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1204-53-0x0000000075CE1000-0x0000000075CE3000-memory.dmp

Filesize
8KB

Download