174561b788f6c0f7085ca41a52850697995293ab760f66d02f4dc1cee594a46b | Triage

Analysis

max time kernel
151s
max time network
123s
platform
windows7_x64
resource
win7-en-20211208
submitted
21-02-2022 23:31

Sharing

Report Analysis Logs

General

Target

174561b788f6c0f7085ca41a52850697995293ab760f66d02f4dc1cee594a46b.pdf
Size

3.2MB
MD5

caa3a36b6e8a0f28e72c4d26c243e580
SHA1

fcaa4eefe58fe634801eb9200894599a1017c58a
SHA256

174561b788f6c0f7085ca41a52850697995293ab760f66d02f4dc1cee594a46b
SHA512

0f028a9f19ac6c7b6a5a6d3fe7c82cb260b2ef85bed2536216265e6373c7d06e5a1b16e455784b8a98d95054c0d2be53756acb87e465c5772a1348e7800ecebb

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1316 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1316 AcroRd32.exe
1316 AcroRd32.exe
1316 AcroRd32.exe
1316 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\174561b788f6c0f7085ca41a52850697995293ab760f66d02f4dc1cee594a46b.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1316

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1316-54-0x0000000076151000-0x0000000076153000-memory.dmp

Filesize
8KB

Download