4c7ebef3c3c7c9a6e65585d82865d53482fc342dcdaed8bc0bb1edf0319ec581 | Triage

Analysis

max time kernel
152s
max time network
49s
platform
windows7_x64
resource
win7-20220414-en
submitted
03-05-2022 00:31

Sharing

Report Analysis Logs

General

Target

4c7ebef3c3c7c9a6e65585d82865d53482fc342dcdaed8bc0bb1edf0319ec581.pdf
Size

66KB
MD5

f32c4f6c8c887a02273a573230cfb7a1
SHA1

e8528a1b5ec8f2be3698b4728420aa6680364d06
SHA256

4c7ebef3c3c7c9a6e65585d82865d53482fc342dcdaed8bc0bb1edf0319ec581
SHA512

b232976d3d125c94f8b12e70e7ed3a39bafdc909b5980113323986d57a16eb2357d48f8e765433e1ff843a774a261def968d5038db78c735ff83b36c7fb1dee3

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1540 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1540 AcroRd32.exe
1540 AcroRd32.exe
1540 AcroRd32.exe
1540 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4c7ebef3c3c7c9a6e65585d82865d53482fc342dcdaed8bc0bb1edf0319ec581.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1540

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1540-54-0x0000000074B51000-0x0000000074B53000-memory.dmp

Filesize
8KB

Download