Analysis
max time kernel: 148s
max time network: 50s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted: 11-09-2022 06:34
Behavioral task: behavioral1
Sample: Digital forensics and incident response incident response techniques and procedures to respond to m.pdf
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: Digital forensics and incident response incident response techniques and procedures to respond to m.pdf
Resource: win10v2004-20220812-en
General
Target: Digital forensics and incident response incident response techniques and procedures to respond to m.pdf
Size: 67.6MB
MD5: 4b05d8c40a8facdea608f8a5dba6cd06
SHA1: c4c27a817c6b63164d1de3e0889302b5d92c2d7d
SHA256: e84fcb4980ba29bec4425981d3339e70b20c80516ad299f5f3f5c1d14e720155
SHA512: 2b016df3a9514ddeb9ea6dc84c5b5b26ef06890b3310f44ec694fcec5d94d38eddf152ab1ba490012ec47aa3282715cb74353378bca6416ff636c82ac781b9fc
SSDEEP: 1572864:X2OPjqNkw83WJ12SzWsMWFNZjh5XLZZFYc9Hg4viub6:mO7qNklwASd9jh5VZ2c24quW
Malware Config
Signatures
Suspicious use of SetWindowsHookEx (4 IoCs)
Processes: AcroRd32.exe
pid    process
1200   AcroRd32.exe
1200   AcroRd32.exe
1200   AcroRd32.exe
1200   AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Digital forensics and incident response incident response techniques and procedures to respond to m.pdf"
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
memory/1200-54-0x0000000075AC1000-0x0000000075AC3000-memory.dmp
Filesize: 8KB