General
Target

a185c3588d2d09c9375fbaee28479b9e5bcb7cbdba6716795d2c4bde16186d3f.pdf

Filesize

194KB

Completed

20-05-2022 03:51

Task

behavioral1

Score
1/10
MD5

9aa4925ac76e34cc5e18a33399ba126f

SHA1

474a8bf5f9de7f1adf147611413c0368a77905b3

SHA256

a185c3588d2d09c9375fbaee28479b9e5bcb7cbdba6716795d2c4bde16186d3f

SHA512

b78f72b40bb45b71bcfeef707d3cc29ee0e5b9cc94870f06f9d9b8e493d7b33405b62636bae67b97645d3a90fc9190a1e1342883da8d1deba4b5f6c48a81d876

Malware Config
Signatures 1


  • Suspicious use of SetWindowsHookEx
    AcroRd32.exe

    Reported IOCs

    pid     process
    1972    AcroRd32.exe
    1972    AcroRd32.exe
    1972    AcroRd32.exe
    1972    AcroRd32.exe
Processes 1
  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a185c3588d2d09c9375fbaee28479b9e5bcb7cbdba6716795d2c4bde16186d3f.pdf"
    Suspicious use of SetWindowsHookEx
    PID:1972
Network
MITRE ATT&CK Matrix
Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation
Downloads
  • memory/1972-54-0x0000000075FE1000-0x0000000075FE3000-memory.dmp