Analysis
- max time kernel: 151s
- max time network: 51s
- platform: windows7_x64
- resource: win7-20220901-en
- resource tags: arch:x64 arch:x86 image:win7-20220901-en locale:en-us os:windows7-x64 system
- submitted: 27-10-2022 03:02
Behavioral task
behavioral1
Sample
be1a8959e9ab5b460a29dac8185596c2cd4912b5c18a9a9123d4b1829f32ed67.pdf
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
be1a8959e9ab5b460a29dac8185596c2cd4912b5c18a9a9123d4b1829f32ed67.pdf
Resource
win10v2004-20220812-en
General
- Target: be1a8959e9ab5b460a29dac8185596c2cd4912b5c18a9a9123d4b1829f32ed67.pdf
- Size: 1.7MB
- MD5: 132aabdd8c4434d39cba5f92aa29f14e
- SHA1: 6831b38e88d6f9fffaefea293a0b6dbb5d98eb49
- SHA256: be1a8959e9ab5b460a29dac8185596c2cd4912b5c18a9a9123d4b1829f32ed67
- SHA512: eb78470ae90e41f26c6a9f8b16d633c0feb2abf6ca9e1e4504496e694e4179888d228979bddad66312da78f74da47978ce8b70c888df821958a30d371b913657
- SSDEEP: 24576:Nu5/TnE3A2bGvFuq2hylaLaaEFqcS7VGOeGNAZR26fedn42hvXi+u/HHq4:A5/bkAQylUaaEFSVGLEp6md4AXiDvF
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid process
  1308 AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  Processes: AcroRd32.exe
  pid process
  1308 AcroRd32.exe
  1308 AcroRd32.exe
  1308 AcroRd32.exe
  1308 AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\be1a8959e9ab5b460a29dac8185596c2cd4912b5c18a9a9123d4b1829f32ed67.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- memory/1308-54-0x0000000074DA1000-0x0000000074DA3000-memory.dmp
  Filesize: 8KB