6638d73b5b958d01701c8be4fbcc247e8906aaba439ec00893f33cdde84d1d73 | Triage

Analysis

max time kernel
4294218s
max time network
134s
platform
windows7_x64
resource
win7-20220310-en
submitted
24-03-2022 22:25

Sharing

Report Analysis Logs

General

Target

6638d73b5b958d01701c8be4fbcc247e8906aaba439ec00893f33cdde84d1d73.pdf
Size

44KB
MD5

bb9eac0ef7222436ba7700806e248506
SHA1

da8802046e203f9399397b9a4104bda1483013de
SHA256

6638d73b5b958d01701c8be4fbcc247e8906aaba439ec00893f33cdde84d1d73
SHA512

66187b453f84a5722d796a7aafe88f69c5feb666d8ddcdcbfced8b84d62422ae6e3ab923b4ee37cdf3194b97fc726b1a41def190530295d3b95f16cba4cc5952

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1836 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1836 AcroRd32.exe
1836 AcroRd32.exe
1836 AcroRd32.exe
1836 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6638d73b5b958d01701c8be4fbcc247e8906aaba439ec00893f33cdde84d1d73.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1836

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1836-54-0x0000000075C41000-0x0000000075C43000-memory.dmp

Filesize
8KB

Download