0c2f5b6fe538d088fed11ab10925210cb2eb782f471e6f09c484677e82fc5f26 | Triage

Analysis

max time kernel
4294211s
max time network
125s
platform
windows7_x64
resource
win7-20220223-en
submitted
09-03-2022 13:25

Sharing

Report Analysis Logs

General

Target

0c2f5b6fe538d088fed11ab10925210cb2eb782f471e6f09c484677e82fc5f26.pdf
Size

643KB
MD5

7581b54906f585c3c40d19b0a47978cd
SHA1

6698b72784f241bd6663115e68b5aa8b99e0ebab
SHA256

0c2f5b6fe538d088fed11ab10925210cb2eb782f471e6f09c484677e82fc5f26
SHA512

14dd4580888f44aff9380ac93a9ae9264c970077d74aef6ef11c738a505d31047ef283f14caf93510396318a931346b62c1d4ebab1a22c35ce5f430b8c6ab6c7

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1764 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1764 AcroRd32.exe
1764 AcroRd32.exe
1764 AcroRd32.exe
1764 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0c2f5b6fe538d088fed11ab10925210cb2eb782f471e6f09c484677e82fc5f26.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1764

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1764-54-0x0000000075F71000-0x0000000075F73000-memory.dmp

Filesize
8KB

Download