Analysis
max time kernel: 150s
max time network: 49s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64 arch:x86 image:win7-20220901-en locale:en-us os:windows7-x64 system
submitted: 10-10-2022 11:49
Behavioral task: behavioral1
Sample: PPT/Writing_Argument _LYL.pdf
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: PPT/Writing_Argument _LYL.pdf
Resource: win10v2004-20220812-en

Behavioral task: behavioral3
Sample: PPT/Writing_Issue_LYL.pdf
Resource: win7-20220901-en

Behavioral task: behavioral4
Sample: PPT/Writing_Issue_LYL.pdf
Resource: win10v2004-20220812-en

Behavioral task: behavioral5
Sample: PPT/Writing_Language_LYL.pdf
Resource: win7-20220812-en

Behavioral task: behavioral6
Sample: PPT/Writing_Language_LYL.pdf
Resource: win10v2004-20220812-en
General
Target: PPT/Writing_Issue_LYL.pdf
Size: 2.2MB
MD5: 622fb3038f651dfc3f10895b44f2d40f
SHA1: b66747b72227c9b092e1d0c032890864cf244f42
SHA256: 7fa851f2a85a5e3a83d99dfe210dd6c9aab391fefb28d6f1f56df293468d7fe3
SHA512: 92b9014a4432e889243f4eb75801846ed6d72e333c130f768eea6f9ce6aba96813273a8b336382b780e5f02d407acaa980f935d9434c67abab5f04ea7d8fd977
SSDEEP: 24576:ds6sg5sQxowAjKfU+BF4b/UX92pmFBRVumqKrH1XAJhu10wXHRLmHnx7ryUwIoVC:d9rWQoIxF68YkF5qKYSRaHJeRIoVEocb
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid   process
1600  AcroRd32.exe

Suspicious use of SetWindowsHookEx (4 IoCs)
Processes: AcroRd32.exe
pid   process
1600  AcroRd32.exe
1600  AcroRd32.exe
1600  AcroRd32.exe
1600  AcroRd32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1600-54-0x0000000076461000-0x0000000076463000-memory.dmp
Filesize: 8KB