Overview

overview

3

Static

static

3

A09 (1).pdf

windows7_x64

1

A09 (1).pdf

windows10-2004_x64

1

BRS.pdf

windows7_x64

1

BRS.pdf

windows10-2004_x64

1

DOC.pdf

windows7_x64

1

DOC.pdf

windows10-2004_x64

1

E id (1).pdf

windows7_x64

1

E id (1).pdf

windows10-2004_x64

1

bankaccount.pdf

windows7_x64

1

bankaccount.pdf

windows10-2004_x64

1

download.jpg

windows7_x64

3

download.jpg

windows10-2004_x64

3

fw8imy.pdf

windows7_x64

1

fw8imy.pdf

windows10-2004_x64

1

Analysis

  • max time kernel
    4294212s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20220310-en
  • submitted
    31-03-2022 04:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DOC.pdf

  • Size

    708KB

  • MD5

    dec332e5d89b688e0fbad03d48999a7e

  • SHA1

    5a229884998ffdfd0af8681be12d6726e2c2e568

  • SHA256

    9cfafc0df8156b2c1b872af78f9230e756ff8c2b92bb7f93f3809a681bfaf5c3

  • SHA512

    76786cecdcc434ba714b18b3c8c00ac037cf92a92d80a219557aa70fef43b5abfb80c7dc199475e54107731a52dd4a7a43c4a9d86afdc107941ed4017c612cb2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\DOC.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1616-54-0x0000000076141000-0x0000000076143000-memory.dmp
    Filesize

    8KB

    Download