1889bdec2ab0bf7ed1b38ba33ad4415671bc564dc87fcd27ed5765f9285ca011

Analysis

max time kernel
149s
max time network
48s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
05-10-2022 09:15

Target

TeleportUltraPortable/App/Teleport Ultra/manual.pdf
Size

274KB
MD5

e6c6cbefd07d40e4f827dc2fdce4c537
SHA1

60f539ed0c19abf262997cf045d47bf597fcbe3e
SHA256

a8d179ffd82cb5554e95ce9647c937517e524499beb843d40198f86d79624100
SHA512

25b5575722078350c8b282c0670f548b5dca7c4ba1339b2165bf5a23289a1309fa378f18ba3d5eb6afe82b5630ca314ccb6a29cf1b2adae6b93e451dad2e8335
SSDEEP

6144:SjF9A4KsccWQ8dp3tYZwMNnd4K8N2p/Mxo:E9A4Ku5+3tYOMN0N2m6

Score

1^/10

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

988 AcroRd32.exe
988 AcroRd32.exe
988 AcroRd32.exe
988 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\TeleportUltraPortable\App\Teleport Ultra\manual.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:988

memory/988-54-0x0000000075021000-0x0000000075023000-memory.dmp

Filesize
8KB

Download