90435781fdc2ed824e908816831889e546ef4a1bc26648b997d8076899e51c60

Submit
Reports

Overview

overview

Static

static

Kiddions_m...nu.exe

windows7-x64

Kiddions_m...nu.exe

windows10-2004-x64

Kiddions_m...d.html

windows7-x64

Kiddions_m...d.html

windows10-2004-x64

Kiddions_m...typing

ubuntu-18.04-amd64

Kiddions_m...typing

debian-9-armhf

Kiddions_m...typing

debian-9-mips

Kiddions_m...typing

debian-9-mipsel

Kiddions_m...ry.pdf

windows7-x64

Kiddions_m...ry.pdf

windows10-2004-x64

Kiddions_m...ck.exe

windows7-x64

Kiddions_m...ck.exe

windows10-2004-x64

Kiddions_m...ng.pdf

windows7-x64

Kiddions_m...ng.pdf

windows10-2004-x64

Kiddions_m...er.pdf

windows7-x64

Kiddions_m...er.pdf

windows10-2004-x64

Kiddions_m...er.pdf

windows7-x64

Kiddions_m...er.pdf

windows10-2004-x64

Kiddions_m...ic.pdf

windows7-x64

Kiddions_m...ic.pdf

windows10-2004-x64

Kiddions_m...ne.pdf

windows7-x64

Kiddions_m...ne.pdf

windows10-2004-x64

Kiddions_m...rt.pdf

windows7-x64

Kiddions_m...rt.pdf

windows10-2004-x64

Kiddions_m...ed.pdf

windows7-x64

Kiddions_m...ed.pdf

windows10-2004-x64

Kiddions_m...an.pdf

windows7-x64

Kiddions_m...an.pdf

windows10-2004-x64

Kiddions_m...on.pdf

windows7-x64

Kiddions_m...on.pdf

windows10-2004-x64

Kiddions_m...ne.pdf

windows7-x64

Kiddions_m...ne.pdf

windows10-2004-x64

Analysis

max time kernel
239s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
02-12-2022 06:51

Sharing

Copy URL

Twitter E-mail

Static task

static1

pyinstaller

1 signatures

Behavioral task

behavioral1

Sample

Kiddions_menu/Kiddions_menu.exe

Resource

win7-20220812-en

redline infostealer spyware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Kiddions_menu/Kiddions_menu.exe

Resource

win10v2004-20220812-en

redline infostealer spyware

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

Kiddions_menu/Readme.md/lib/pdf/reader/afm/MustRead.html

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

Kiddions_menu/Readme.md/lib/pdf/reader/afm/MustRead.html

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

Kiddions_menu/Readme.md/scripts/require-strict-typing

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Kiddions_menu/Readme.md/scripts/require-strict-typing

Resource

debian9-armhf-en-20211208

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Kiddions_menu/Readme.md/scripts/require-strict-typing

Resource

debian9-mipsbe-en-20211208

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Kiddions_menu/Readme.md/scripts/require-strict-typing

Resource

debian9-mipsel-20221111-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Kiddions_menu/Readme.md/spec/data/20070313 - 2nd Laptop Battery.pdf

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

Kiddions_menu/Readme.md/spec/data/20070313 - 2nd Laptop Battery.pdf

Resource

win10v2004-20221111-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

Kiddions_menu/Readme.md/spec/data/Genshin Impact hack.exe

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

Kiddions_menu/Readme.md/spec/data/Genshin Impact hack.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral13

Sample

Kiddions_menu/Readme.md/spec/data/TJ_and_char_spacing.pdf

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

Kiddions_menu/Readme.md/spec/data/TJ_and_char_spacing.pdf

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral15

Sample

Kiddions_menu/Readme.md/spec/data/TJ_starts_with_a_number.pdf

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

Kiddions_menu/Readme.md/spec/data/TJ_starts_with_a_number.pdf

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral17

Sample

Kiddions_menu/Readme.md/spec/data/ascii85_filter.pdf

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

Kiddions_menu/Readme.md/spec/data/ascii85_filter.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral19

Sample

Kiddions_menu/Readme.md/spec/data/cairo-basic.pdf

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

Kiddions_menu/Readme.md/spec/data/cairo-basic.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral21

Sample

Kiddions_menu/Readme.md/spec/data/cairo-multiline.pdf

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

Kiddions_menu/Readme.md/spec/data/cairo-multiline.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral23

Sample

Kiddions_menu/Readme.md/spec/data/cairo-unicode-short.pdf

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

Kiddions_menu/Readme.md/spec/data/cairo-unicode-short.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral25

Sample

Kiddions_menu/Readme.md/spec/data/clearscan-with-image-removed.pdf

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

Kiddions_menu/Readme.md/spec/data/clearscan-with-image-removed.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral27

Sample

Kiddions_menu/Readme.md/spec/data/clearscan.pdf

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

Kiddions_menu/Readme.md/spec/data/clearscan.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral29

Sample

Kiddions_menu/Readme.md/spec/data/column_integration.pdf

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

Kiddions_menu/Readme.md/spec/data/column_integration.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral31

Sample

Kiddions_menu/Readme.md/spec/data/content_stream_begins_with_newline.pdf

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

Kiddions_menu/Readme.md/spec/data/content_stream_begins_with_newline.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Report Analysis Logs

General

Target

Kiddions_menu/Readme.md/spec/data/column_integration.pdf
Size

56KB
MD5

c0b40f59ad663b80c5a234174639f680
SHA1

057e3921630e02b59e2d3df35fa4b62c8475b110
SHA256

69f3ad82336e4a5450510785c732c7b5c101436d728b41b9dc35024680982a2f
SHA512

c3865c71be6d032c0eaac41a111d59140bd97bbf51d19ed24c6f89cc31c9f4ee850c399b7b98883699d86ee5a470b34c6716a574f54b4716f69935096769aff0
SSDEEP

768:52dNNo5jd5MwWCHgv37sOi1aOEhV2S0+SadoIKQrYqdpIqW97cZqKfblVxKlCFdO:52dg5j8bCyoShV2SndoxQrURKfJa3

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1256 AcroRd32.exe
1256 AcroRd32.exe
1256 AcroRd32.exe
1256 AcroRd32.exe

pid	process
1256	AcroRd32.exe
1256	AcroRd32.exe
1256	AcroRd32.exe
1256	AcroRd32.exe

Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Kiddions_menu\Readme.md\spec\data\column_integration.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1256

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1256-54-0x00000000759F1000-0x00000000759F3000-memory.dmp

Filesize
8KB

Download