f4f5108d6d9e62c08885019819a13b8b9d94c593e38b67d7697fb823efede2bb | Triage

Analysis

max time kernel
4294219s
max time network
138s
platform
windows7_x64
resource
win7-20220311-en
submitted
15-03-2022 11:17

Sharing

Report Analysis Logs

General

Target

f4f5108d6d9e62c08885019819a13b8b9d94c593e38b67d7697fb823efede2bb.pdf
Size

339KB
MD5

a817c815f733a9112cf85fd4443f3c0f
SHA1

c469cc3c5f030aef78e9e65d8c25d78d71411d42
SHA256

f4f5108d6d9e62c08885019819a13b8b9d94c593e38b67d7697fb823efede2bb
SHA512

83f9644a348852f665043a43a058255e9072e47a4978798c12b55f50ae8e6331ebb82409c0be72895cc1273b80726255cf9d491e1ff724a43f5724fa21e52a58

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1520 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1520 AcroRd32.exe
1520 AcroRd32.exe
1520 AcroRd32.exe
1520 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f4f5108d6d9e62c08885019819a13b8b9d94c593e38b67d7697fb823efede2bb.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1520

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1520-54-0x00000000755A1000-0x00000000755A3000-memory.dmp

Filesize
8KB

Download