Analysis
max time kernel: 150s
max time network: 45s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 11-09-2022 06:33
Behavioral task: behavioral1
Sample: Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks ( etc.) (z-lib.org).pdf
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks ( etc.) (z-lib.org).pdf
Resource: win10v2004-20220812-en
General
Target: Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks ( etc.) (z-lib.org).pdf
Size: 12.1MB
MD5: c51ade4cdac56d0c98f392e29c1a226f
SHA1: d6265b5ec7130c0473f73b0ca14a5d21939d4420
SHA256: a6c34199052ba042237905ae228de55fb6fc445a9c1a951fcdec0e4c98c44d03
SHA512: da16868226c38304cff12c808a157fbc5bd5e816aeae01087faaa1d164487c111988d2373e6921e436eb19b3d9040c3aaea714499e57e4d629df23c7c3a68910
SSDEEP: 393216:vfuGGSZVob88r888888888888X88Z8LzGSgKdp+XJC0klB:vmGtZs88r888888888888X88Z8LSAj+U
Malware Config
Signatures
Suspicious use of SetWindowsHookEx (4 IoCs)
Processes: AcroRd32.exe
pid     process
1112    AcroRd32.exe
1112    AcroRd32.exe
1112    AcroRd32.exe
1112    AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks ( etc.) (z-lib.org).pdf"
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
memory/1112-54-0x0000000074D61000-0x0000000074D63000-memory.dmp
Filesize: 8KB