Overview

overview

3

Static

static

3

f91fd131be23c3...04.pdf

windows7_x64

1

f91fd131be23c3...04.pdf

windows10-2004_x64
General
Target

f91fd131be23c38ca791ef6c6794921931467af36c3ea868c36c587132ab6604.pdf

Filesize

1MB

Completed

21-05-2022 11:29

Task

behavioral1

Score
1/10
MD5

c7d97ac60a8a612c07cc4ddd5f6fcead

SHA1

667f46369a2c81c369fef8d6bd4e3a58d766247c

SHA256

f91fd131be23c38ca791ef6c6794921931467af36c3ea868c36c587132ab6604

SHA256

511985fb847816bedcf7c7009ac3d44adc9349d4c85fe020f8442f80c78485c2aba5b90d749ef311d16023eb0534bad00aacf2851bc322d96ac5d2157fb93e30

Malware Config
Signatures 1

Filter: none

  • Suspicious use of SetWindowsHookEx
    AcroRd32.exe

    Reported IOCs

    pidprocess
    948AcroRd32.exe
    948AcroRd32.exe
    948AcroRd32.exe
    948AcroRd32.exe
Processes 1
  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f91fd131be23c38ca791ef6c6794921931467af36c3ea868c36c587132ab6604.pdf"
    Suspicious use of SetWindowsHookEx
    PID:948
Network
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Replay Monitor
                          00:00 00:00
                          Downloads

                          • memory/948-54-0x0000000074F21000-0x0000000074F23000-memory.dmp

                            Download