515660b1792da07c88aae9bb699b4988c276959e580ee8d5af1fc126fff23015 | Triage

Analysis

max time kernel
90s
max time network
52s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
20-10-2022 14:28

Sharing

Report Analysis Logs

General

Target

SpecialReportStrategicCareerPlanning.pdf
Size

1.1MB
MD5

fc0e6c1a7cff7a915720dc7cb5a56694
SHA1

db107c81db605a394517eede8445733dfc98cebb
SHA256

515660b1792da07c88aae9bb699b4988c276959e580ee8d5af1fc126fff23015
SHA512

323d14ef9477ec96ded5804ab08124350285e9be27775047ce577dc57d490c1f90d720f85e2b22b5e072781733772897c69efc300872c45e257fcae7291f9e6b
SSDEEP

24576:sSD8imWzWq7GT3JUHIyDU5QDirM9jEzoLR6:sliFZqrojI5BM6ELQ

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1544 AcroRd32.exe
1544 AcroRd32.exe
1544 AcroRd32.exe
1544 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\SpecialReportStrategicCareerPlanning.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1544

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1544-54-0x0000000075681000-0x0000000075683000-memory.dmp

Filesize
8KB

Download