Overview

overview

3

Static

static

3

e0d7fadbfdc8ea...5a.pdf

windows7_x64

1

e0d7fadbfdc8ea...5a.pdf

windows10-2004_x64

1
General
Target

e0d7fadbfdc8eaad4071e6d99698f460f9eae7ddd1b27e2d21028dbd10fa0d5a.pdf

Filesize

1MB

Completed

21-05-2022 11:28

Task

behavioral1

Score
1/10
MD5

c53186df717d8037ff5edb0fc9736dda

SHA1

510cf2f79270303ca5a18474ca541d0ecb20c599

SHA256

e0d7fadbfdc8eaad4071e6d99698f460f9eae7ddd1b27e2d21028dbd10fa0d5a

SHA512

4a3b8fd9d1fe648373b1f3b90e53b726c62da083feb6e70345dcd8386c04b77e85a12367e74278467e092e4a5b30f9c8c5f7174f7a83de72d951db36b763eb10

Malware Config
Signatures 1

Filter: none

  • Suspicious use of SetWindowsHookEx
    AcroRd32.exe

    Reported IOCs

    pidprocess
    548AcroRd32.exe
    548AcroRd32.exe
    548AcroRd32.exe
    548AcroRd32.exe
Processes 1
  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e0d7fadbfdc8eaad4071e6d99698f460f9eae7ddd1b27e2d21028dbd10fa0d5a.pdf"
    Suspicious use of SetWindowsHookEx
    PID:548
Network
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Replay Monitor
                          00:00 00:00
                          Downloads

                          • memory/548-54-0x0000000075D21000-0x0000000075D23000-memory.dmp

                            Download