Overview

overview

4

Static

static

4

TC of Purc...v4.pdf

windows7_x64

1

TC of Purc...v4.pdf

windows10-2004_x64

1

Wabtec Ven...D).doc

windows7_x64

4

Wabtec Ven...D).doc

windows10-2004_x64

1

WabtecPO.pdf

windows7_x64

1

WabtecPO.pdf

windows10-2004_x64

1

Analysis

  • max time kernel
    152s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    27-04-2022 10:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TC of Purchase North America v4.pdf

  • Size

    118KB

  • MD5

    601e9c03f062a7ac779b20926a4f990c

  • SHA1

    8946e5c3daf831ed65f97187287d487fa3203301

  • SHA256

    abbcf80391874c2847157d70e094fb9aad893cb0e9d9d315079e0aa2bc0f5571

  • SHA512

    4acf2eb2f67a68cfec70326fda0ec188b499bbf3c0b5b4ff9bb2a74260d6c287f523ebddfca2916700ef7c827305eeffd1284b7595654bf569bbdee1ee3e05fd

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\TC of Purchase North America v4.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1468-54-0x0000000076C81000-0x0000000076C83000-memory.dmp
    Filesize

    8KB

    Download