69436e7cb8bd58694d3380564537ad23f88922e60f2e133dc59bbf2941fd4b29

Analysis

max time kernel
150s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 14:41

Target

Rivesed Service Provision Update - November 2022.pdf
Size

145KB
MD5

4ace719d6952c0272c2c657e68055c53
SHA1

1cd210cda1e6afdd6e4dd09420bce0f8fbbf8d9e
SHA256

c035f574bb388e64e8e6a19d39236fec01b254e8d7360537e92496475577ed40
SHA512

d4e00332040ea03311081bffd26258fe1b82fcdfc9d5b3f9afdc174a04a453057655a50c8b114138c4f245314ad4d4e24ac3d12535aabe795984cfbd397f6925
SSDEEP

3072:B2P3DC9aQdgZr2/Z0Ehwn2w87kp4LHsDP2uN5qwcqctbLQrg0Ij2:YrTQYJEh9wJOHQP2jFR0rgbi

Score

1^/10

Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

AcroRd32.exe

pid process

1424 AcroRd32.exe
1424 AcroRd32.exe
1424 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Rivesed Service Provision Update - November 2022.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1424

memory/1424-54-0x0000000076151000-0x0000000076153000-memory.dmp

Filesize
8KB

Download
memory/1424-55-0x0000000002110000-0x0000000002186000-memory.dmp

Filesize
472KB

Download