f613b0ccc5c3ad0edff4c7bbd7affd139fd2a1d7f861e80f4e4586553e9877f8 | Triage

Analysis

max time kernel
153s
max time network
144s
platform
windows7_x64
resource
win7-en-20211208
submitted
21-02-2022 15:06

Sharing

Report Analysis Logs

General

Target

jena_264795_prep_20220214140917279.pdf
Size

14.0MB
MD5

6c3b039f6662204ded627b262d11027c
SHA1

126f961a53c5addec699c4e0d94e1e457200f743
SHA256

f613b0ccc5c3ad0edff4c7bbd7affd139fd2a1d7f861e80f4e4586553e9877f8
SHA512

43f9d59eb4f9d28bc1f9b6607b48c85309e38caedc615bd1a22c5d7966bd914c21155bb3e4d7c9c26030ab01de240b39ad5ea43dc7cc9429638573b311c87b4c

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1752 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

AcroRd32.exe

pid process

1752 AcroRd32.exe
1752 AcroRd32.exe
1752 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\jena_264795_prep_20220214140917279.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1752

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1752-55-0x0000000076921000-0x0000000076923000-memory.dmp

Filesize
8KB

Download