0d87670548b37d4ebdab4c8aba78fb60b2486aaaa986d0f56371ab3164be2fc4 | Triage

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-en-20211208
submitted
19-02-2022 23:34

Sharing

Report Analysis Logs

General

Target

0d87670548b37d4ebdab4c8aba78fb60b2486aaaa986d0f56371ab3164be2fc4.pdf
Size

328KB
MD5

549a06cb43563dad994b86e8f105323a
SHA1

c155f6a81b947a0ee0b09c32676145675b05de88
SHA256

0d87670548b37d4ebdab4c8aba78fb60b2486aaaa986d0f56371ab3164be2fc4
SHA512

160d1ffbba92f701a80192ba04c3b896718203165b2ac10cc57a115ca081bcd12252925ebf7ea0c5f51a251bc09634f2e08d2dd93afbc7a8efadb85592761dba

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1692 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1692 AcroRd32.exe
1692 AcroRd32.exe
1692 AcroRd32.exe
1692 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0d87670548b37d4ebdab4c8aba78fb60b2486aaaa986d0f56371ab3164be2fc4.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1692

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1692-54-0x0000000075B51000-0x0000000075B53000-memory.dmp

Filesize
8KB

Download