029850a5f9a4efa334544acd0acf96f1ab332cbbd92dd7b112f35248976507c0 | Triage

Analysis

max time kernel
151s
max time network
46s
platform
windows7_x64
resource
win7-20220414-en
submitted
02-05-2022 20:53

Sharing

Report Analysis Logs

General

Target

029850a5f9a4efa334544acd0acf96f1ab332cbbd92dd7b112f35248976507c0.pdf
Size

44KB
MD5

661a3307ab6d47067830feb9e0616acc
SHA1

e256b63350c9fe214562d7e91d2814dea156a04a
SHA256

029850a5f9a4efa334544acd0acf96f1ab332cbbd92dd7b112f35248976507c0
SHA512

111f00bdac2b1b36f1e0b29479fdbaee7c4322e6dbf9e06fedfeacd037d9ca6b7d6f9752f241d506e3012a570a16cc9ab67a945d8e0e1c4b9b3a59d49d0fb19c

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1692 AcroRd32.exe
1692 AcroRd32.exe
1692 AcroRd32.exe
1692 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\029850a5f9a4efa334544acd0acf96f1ab332cbbd92dd7b112f35248976507c0.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1692

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1692-54-0x00000000763E1000-0x00000000763E3000-memory.dmp

Filesize
8KB

Download