11a9d20b2be97f4170b655c3ef2f727174a6b46a28ac94182b122adc39220c5e | Triage

Analysis

max time kernel
156s
max time network
43s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
27-11-2022 02:57

Sharing

Report Analysis Logs

General

Target

ͬļ/2.¼2 ۳ŵ.pdf
Size

179KB
MD5

392e7a9e938b95b82578b26ee2c88957
SHA1

46186a72792684474a84cb385cc9579e871a3f81
SHA256

f2e007a9f58564b03e05c6841c8134596002a48efbb753c8dbdefe73ef06bb22
SHA512

c74a81c041380c6a12887739179109be11cf1bf108fbc5b57545a467fd487184de086380827581a139267da64f5bd5c1d4e2c3172153903546ffbce26ae18609
SSDEEP

3072:WTjSFC7mvPRfdgW0/Mpz9dYfdM5b1wHXzL5fkd:EjUvPRVLpz9dBJw3Pg

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1608 AcroRd32.exe
1608 AcroRd32.exe
1608 AcroRd32.exe
1608 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ͬļ\2.¼2 ۳ŵ.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1608-54-0x0000000075A91000-0x0000000075A93000-memory.dmp

Filesize
8KB

Download