86d131367fa65120f9268b0a71f17bacf8109277e99dd9f1f3b89d90b9ba58a5 | Triage

Analysis

max time kernel
295s
max time network
853s
platform
windows7_x64
resource
win7-20220310-en
submitted
17-03-2022 11:07

Sharing

Report Analysis Logs

General

Target

86d131367fa65120f9268b0a71f17bacf8109277e99dd9f1f3b89d90b9ba58a5.pdf
Size

360KB
MD5

bc03f92d232be59a9a0a8531521dee3d
SHA1

ea84dbe0c05b8618f57310d5a6e03ccea5200377
SHA256

86d131367fa65120f9268b0a71f17bacf8109277e99dd9f1f3b89d90b9ba58a5
SHA512

017a2cefc2b4d35cedda7a387007397ea0212d8269ea86d2ad5ae2ba655b2cba46b417b62397c1e908d1745784544c89ca31b75f88863a3dd7bf24dff74d0a6d

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1500 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1500 AcroRd32.exe
1500 AcroRd32.exe
1500 AcroRd32.exe
1500 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\86d131367fa65120f9268b0a71f17bacf8109277e99dd9f1f3b89d90b9ba58a5.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1500

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1500-54-0x0000000075A31000-0x0000000075A33000-memory.dmp

Filesize
8KB

Download