Analysis
-
max time kernel
17s -
max time network
23s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system -
submitted
22-10-2022 14:39
Behavioral task
behavioral1
Sample
61793c2129f76d871cb8be1a63f1c13a5dda7d7e81763f0d14bd4cc8127bf998.pdf
Resource
win7-20220812-en
windows7-x64
0 signatures
10 seconds
Behavioral task
behavioral2
Sample
61793c2129f76d871cb8be1a63f1c13a5dda7d7e81763f0d14bd4cc8127bf998.pdf
Resource
win10v2004-20220812-en
windows10-2004-x64
1 signatures
10 seconds
General
-
Target
61793c2129f76d871cb8be1a63f1c13a5dda7d7e81763f0d14bd4cc8127bf998.pdf
-
Size
61KB
-
MD5
118cac0489c636d9d4af844fbd3953ab
-
SHA1
87794644c3e155b406fe2f4e98e2111514fce9f4
-
SHA256
61793c2129f76d871cb8be1a63f1c13a5dda7d7e81763f0d14bd4cc8127bf998
-
SHA512
9f60bd0b1f11b35d1e2d9387f3a6419ec20a802033f9eb231e13d51b88c76a2d6d9995ee14d08fec7c8ee97f405ef34c11964f76b65bfda3a0369eca2c5727a5
-
SSDEEP
1536:TE6O1UIx6qFdPHDUtixXiUguSPQdFjBclYDLA:jIx7FB4eXisS+VcGU
Score
5/10
Malware Config
Signatures
-
Drops file in System32 directory 2 IoCs
Processes:
svchost.exe
description | ioc | process
File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{1CEEA0BD-6EEA-4135-8905-8718E787795B}.catalogItem | svchost.exe
File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{27A1A7CE-034A-4A63-B9C7-174DCD64F2A5}.catalogItem | svchost.exe
Processes
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\61793c2129f76d871cb8be1a63f1c13a5dda7d7e81763f0d14bd4cc8127bf998.pdf"
-
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p
- Drops file in System32 directory