b28c94b2195c8ed259f0b415aaee3f39b0b2920a4537611499fa044956917a21 | Triage

Analysis

max time kernel
150s
max time network
34s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
04/01/2023, 18:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

covid-19_anweisungen_quarantaene.pdf
Size

15B
MD5

1441a7909c087dbbe7ce59881b9df8b9
SHA1

c1d44ff03aff1372856c281854f454e2e1d15b7c
SHA256

b28c94b2195c8ed259f0b415aaee3f39b0b2920a4537611499fa044956917a21
SHA512

1dccad3fad058a29ccef8e003fa71bbabf587431ac5a55fb36268bf7958c5f3cb31116ac9e855ec61bb9b72ecbd484f704bee032707fb0ead24ad2bee97b9a39

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1316	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1316	AcroRd32.exe
1316	AcroRd32.exe
1316	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\covid-19_anweisungen_quarantaene.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1316-54-0x00000000759C1000-0x00000000759C3000-memory.dmp

Filesize
8KB

Download