Resubmissions

15-05-2022 13:49

220515-q4zp2aefd8 3

15-05-2022 13:46

220515-q28vxshbak 3

Analysis

  • max time kernel
    266s
  • max time network
    179s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    15-05-2022 13:49

General

  • Target

    Correct Your Spanish Blunders How to Avoid 99 of the Common Mistakes Made by Learners of Spanish (Jean Yates) (z-lib.org).pdf

  • Size

    1.3MB

  • MD5

    0ac98d966c7c83052514b0b95bfaf917

  • SHA1

    f78bdf03fd50246845b7db51085af9df5c67dd74

  • SHA256

    78c72870895db7e07205f66515ace0dd520cb969032df825d98bec2947fb1300

  • SHA512

    636eea4e6aab3d5de11ccd717372af3317e1fd99aa4af23af72dee947ec506efcd01effcb5a65cee2176c1ddf24c8ac3cb75fc2b8a1907f042098ac2d0a0ca06

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Correct Your Spanish Blunders How to Avoid 99 of the Common Mistakes Made by Learners of Spanish (Jean Yates) (z-lib.org).pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1684
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    PID:1408
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x480
      • Suspicious use of AdjustPrivilegeToken
      PID:1588

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1408-55-0x000007FEFBC11000-0x000007FEFBC13000-memory.dmp
    Filesize
    8KB

  • memory/1684-54-0x00000000752D1000-0x00000000752D3000-memory.dmp
    Filesize
    8KB