Overview

overview

3

Static

static

3

MARSEILLE ...NR.pdf

windows7_x64

1

MARSEILLE ...NR.pdf

windows10-2004_x64

1

MARSEILLE ...NR.pdf

windows7_x64

1

MARSEILLE ...NR.pdf

windows10-2004_x64

1

=?iso-8859...22.pdf

windows7_x64

1

=?iso-8859...22.pdf

windows10-2004_x64

1

=?iso-8859...).xlsx

windows7_x64

1

=?iso-8859...).xlsx

windows10-2004_x64

1

Analysis

  • max time kernel
    4294210s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20220311-en
  • submitted
    11-04-2022 13:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MARSEILLE - EDF - 10146008309- NR.pdf

  • Size

    118KB

  • MD5

    8bf4eb9e49714ca883940251b7d64612

  • SHA1

    a670b17cbae8fef32a033b16fa03849b0a5a93fe

  • SHA256

    c1124d1de0fe0ff489251de85516b2e7cadde8ff75d815749c187919dbafbfe9

  • SHA512

    a2885e55a22f4ad1d733f86c2c7b6775c63172c912e240765170bc4e2fdddd0f6b15ab3552ff74ac79d2e333fd1dfb8b74e2dbd9e021abcbe7bb191dafc345b3

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\MARSEILLE - EDF - 10146008309- NR.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1560-54-0x0000000075611000-0x0000000075613000-memory.dmp
    Filesize

    8KB

    Download