655b72ec70fb1b8900966a0ebc580265bc5943a448d86cf0127d9620c55156be | Triage

Analysis

max time kernel
4294210s
max time network
123s
platform
windows7_x64
resource
win7-20220311-en
submitted
24-03-2022 22:26

Sharing

Report Analysis Logs

General

Target

655b72ec70fb1b8900966a0ebc580265bc5943a448d86cf0127d9620c55156be.pdf
Size

40KB
MD5

95b7629530e0f820b8120df6057cbd12
SHA1

731b70a42871265a15de417c710ae7ddbe4df331
SHA256

655b72ec70fb1b8900966a0ebc580265bc5943a448d86cf0127d9620c55156be
SHA512

0c0357f620d34fedd92a288165daedabc8de4fd06339b902e018770bb7c1e7f5035b9c418ec86c3775be430dc61a69c9f43750ea49094643d179f0660e7d4b07

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1772 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1772 AcroRd32.exe
1772 AcroRd32.exe
1772 AcroRd32.exe
1772 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\655b72ec70fb1b8900966a0ebc580265bc5943a448d86cf0127d9620c55156be.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1772

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1772-54-0x00000000760A1000-0x00000000760A3000-memory.dmp

Filesize
8KB

Download