fdf31dc4a95e2b2f06984166c1bdce3672f66a2f3bd09818366900227036a403

Resubmissions

06-10-2022 02:46

06-10-2022 02:46

max time kernel
23s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
06-10-2022 02:46

Target

Tickets_boulvar.pdf
Size

46KB
MD5

9431eae3695eaae0842818524576f2d7
SHA1

0136382b04712ee683f4f34936223c5c6b353a0c
SHA256

fdf31dc4a95e2b2f06984166c1bdce3672f66a2f3bd09818366900227036a403
SHA512

c9d3880d9397469ff559d23907a42addea5578b9e1c608b701aab934984f99137d89f10cad1a56f3ca8e92b6e054f3369be0a173cfc7bd0aad39dee7fde7a9c4
SSDEEP

768:1ng9hNTGUeQa7JVUlgQXy6PPmTXbamif4hwfsP6/DlcL7CzNzxYZOeyo0/oJLS4m:+JRPRd4wEaNUyo0/C3i

Score

1^/10

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1100 AcroRd32.exe
1100 AcroRd32.exe
1100 AcroRd32.exe
1100 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Tickets_boulvar.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1100

memory/1100-54-0x00000000763F1000-0x00000000763F3000-memory.dmp

Filesize
8KB

Download