Analysis

  • max time kernel
    43s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    06-01-2023 19:14

General

  • Target

    AdbeRdr707_DLM_de_DE.exe

  • Size

    521KB

  • MD5

    b3901d9076cc75bf91c9189d07ac7198

  • SHA1

    ac329223dc14352c85ed0e1051bab6db0080a546

  • SHA256

    9c27e4b5564c2da4365c36e822687659bda5918c7cff0bae167859f7dc571b83

  • SHA512

    2fdc4aef3ffa274323225c1288fbe63b72e7bf09c763b146237a968b68821411b96386c3bb307ef59bd6b41f097c899f26e294c7d12b77ae9bc6aac28d3cc23d

  • SSDEEP

    12288:lHcoZ62g+Z7t401RQbpntRFYCG7o9Sc2TAFGf/mA6:lHcu62NZAbjRFYCGNc5Gf6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AdbeRdr707_DLM_de_DE.exe
    "C:\Users\Admin\AppData\Local\Temp\AdbeRdr707_DLM_de_DE.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Windows\System32\pcaui.exe
      "C:\Windows\System32\pcaui.exe" /g {11111111-1111-1111-1111-111111111111} /x {be207fd6-212f-47d5-904f-ded8f7d9739b} /a "Acrobat Reader 7" /v "Adobe" /s "Acrobat Reader 7 has a known compatibility issue with this version of Windows. For an update that is compatible with this version of Windows, contact Adobe." /b 1 /e "C:\Users\Admin\AppData\Local\Temp\AdbeRdr707_DLM_de_DE.exe"
      2⤵
        PID:892

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1968-55-0x0000000000400000-0x000000000041A000-memory.dmp

      Filesize

      104KB