91b82611b21bf9b93959caa9f41e02d1cfe589ffba89ebbd37ddc99d70203340

Analysis

max time kernel
151s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
27-10-2022 03:38

Target

册2 相关支持性材料/4-2-1 国内流行病学数据或销量数据等支撑材料/诊断率和药物治疗率.pdf
Size

786KB
MD5

6be6c045c450cd71e337427d96f9487c
SHA1

e4afc475e3cc967c37315cd3b3b6806299b99791
SHA256

ba4016aa7744f8fb1f97d099c2b1f264bcb20838f7f32e49b1b43e86fc3f4342
SHA512

55e029cee86ef637f95c3ad25af1d5e622721bd1c5d94f9101d76a8a2df7ea18271710d95e0b2057f7df91428e21de9d0ba3ac2c5315594b42fa268b90be034a
SSDEEP

12288:WmXE/+rJJs7nMIEcmGY7xLhhnUqvh9P1aXZkKK+b5Mr7hrq:TprJCPmGAZUqvtaKKvb5WG

Score

1^/10

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1980 AcroRd32.exe
1980 AcroRd32.exe
1980 AcroRd32.exe
1980 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\册2 相关支持性材料\4-2-1 国内流行病学数据或销量数据等支撑材料\诊断率和药物治疗率.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1980

memory/1980-54-0x0000000075981000-0x0000000075983000-memory.dmp

Filesize
8KB

Download