ce33e120aad321ec091e9b1a4055a77317455db4647f6ca92c88e2ece6c3cba6 | Triage

Analysis

max time kernel
152s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
11-10-2022 09:21

Sharing

Report Analysis Logs

General

Target

HP-LaserJet-打印机未授权访问漏洞分析报告.pdf
Size

477KB
MD5

dcbcbfac32ec2015e391d2bcf28bae50
SHA1

968d3192a3902559dc7dbd4880588f59d9aaa40b
SHA256

9197a7a79e151148b464636057e806075f609d08103de1ca6b93f12043f6e226
SHA512

37e7af9a6821b07a6564717b87184583e25cfa2c2820f0e0eb5c670f8c257ce60d9145a3e3ed3e922849fd150d39ceee7d2202d5311d942263e39aa58f359ae1
SSDEEP

12288:MPN+xexVM0/lPyfkURbjc1gugOGoLQVHRnAynmr:M7lqfHF3u9GHHRde

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1480 AcroRd32.exe
1480 AcroRd32.exe
1480 AcroRd32.exe
1480 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\HP-LaserJet-打印机未授权访问漏洞分析报告.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1480

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1480-54-0x0000000076201000-0x0000000076203000-memory.dmp

Filesize
8KB

Download