238d9ac8b8ceda87621afb5234b614a9f7fd0111791c27a346cdd1d1bbd8b520 | Triage

Analysis

max time kernel
150s
max time network
45s
platform
windows7_x64
resource
win7-20220331-en
submitted
13-04-2022 02:00

Sharing

Report Analysis Logs

General

Target

DTO 130422.pdf
Size

273KB
MD5

0c574315745d5dc1b506a6d76bd1cfb3
SHA1

1553011d0ba6adfa4bfe837b198496899d8bb23d
SHA256

238d9ac8b8ceda87621afb5234b614a9f7fd0111791c27a346cdd1d1bbd8b520
SHA512

ca0f382a7ed8daab71b170af2ff6018ee460c369168d217abbd3d4c3e14332092c833c1f224030faf6c3d5fcb488e5f355aa7d33fd8deb93590f0beeef757efe

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

804 AcroRd32.exe
804 AcroRd32.exe
804 AcroRd32.exe
804 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\DTO 130422.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:804

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/804-54-0x0000000075B41000-0x0000000075B43000-memory.dmp

Filesize
8KB

Download