d43ff81a10eb5db012b249b252e93d1ac476e5244e4035eafdeca640e7de5418 | Triage

Analysis

max time kernel
4294179s
max time network
122s
platform
windows7_x64
resource
win7-20220311-en
submitted
17-03-2022 12:10

Sharing

Report Analysis Logs

General

Target

axapiv3.pdf
Size

21.7MB
MD5

c13568245e47e024ee62f482f0ef5ca3
SHA1

674307f5972d3e6e413133aab474979d4d658098
SHA256

d43ff81a10eb5db012b249b252e93d1ac476e5244e4035eafdeca640e7de5418
SHA512

17e9942073d77af60cd2dba06c10beaffc68e229ca47db2ec2e1798e812ab2491c43f03bc37b1fa8e20f05eab3ab71e8737498c1a39a02bc22ee1a8048379546

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1924 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1924 AcroRd32.exe
1924 AcroRd32.exe
1924 AcroRd32.exe
1924 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\axapiv3.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1924

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1924-54-0x0000000074F31000-0x0000000074F33000-memory.dmp

Filesize
8KB

Download