67e27f0b5d4fe4ddad7e35ca2605cb571755e2c27fa4569e9eddfdffb0cb219d | Triage

Analysis

max time kernel
4294213s
max time network
125s
platform
windows7_x64
resource
win7-20220311-en
submitted
24-03-2022 22:23

Sharing

Report Analysis Logs

General

Target

67e27f0b5d4fe4ddad7e35ca2605cb571755e2c27fa4569e9eddfdffb0cb219d.pdf
Size

47KB
MD5

ce4a5b09ee7e7bb8eb69e0a86fa589a4
SHA1

1c11936a95ccdbfe10545733c67e09aa3b9612c8
SHA256

67e27f0b5d4fe4ddad7e35ca2605cb571755e2c27fa4569e9eddfdffb0cb219d
SHA512

790cc96cbc7dfffc6b33617399865d6b6e836d55d9bc156250517e6752b6024c3bb39dd15a6ba3f114a15f0e1c9af6005c7f5c0b8d80cb4110b378ec80a30839

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1132 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1132 AcroRd32.exe
1132 AcroRd32.exe
1132 AcroRd32.exe
1132 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\67e27f0b5d4fe4ddad7e35ca2605cb571755e2c27fa4569e9eddfdffb0cb219d.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1132

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1132-54-0x0000000075561000-0x0000000075563000-memory.dmp

Filesize
8KB

Download