Overview

overview

4

Static

static

4

练习参�...aw.xml

windows7-x64

1

练习参�...aw.xml

windows10-2004-x64

1

练习参�...ne.xml

windows7-x64

1

练习参�...ne.xml

windows10-2004-x64

1

课时7/�...��.exe

windows7-x64

1

课时7/�...��.exe

windows10-2004-x64

1

课时7/�...��.pdf

windows7-x64

1

课时7/�...��.pdf

windows10-2004-x64

1

课时7/�...��.pdf

windows7-x64

1

课时7/�...��.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    52s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    20-10-2022 07:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    课时7/课件7-绘图和图片控件.pdf

  • Size

    888KB

  • MD5

    c0b6e031b083c31182e7ac531260fa7a

  • SHA1

    a5a53fff87d397d3c19a38dcdb60635cf19b71a4

  • SHA256

    3f0630aed04de686bc2858e249828d559376de568b561a62314fb03bc3cc394f

  • SHA512

    2f35b1e04306808fe4ce8662bbc6a59e10ee9f56f0a112a5caf3bbed7c1c71070cdfb7fce209d055883da266835c9b793c883d8a8561bfefcc1cece8891adf41

  • SSDEEP

    24576:EIknHno7Q3qW8iM3ji11CeHArQcg4mAo4R3ZPUg6eAbot:2oo+iQW11CeHA8NJAoAH6Q

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\课时7\课件7-绘图和图片控件.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1380

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1380-54-0x00000000757A1000-0x00000000757A3000-memory.dmp
    Filesize

    8KB

    Download