Analysis

  • max time kernel
    6s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
  • submitted
    16/06/2023, 11:49

General

  • Target

    UNILEVER_RFQ.pdf

  • Size

    599KB

  • MD5

    bd898ea645edf7f134ad60d60a4213f8

  • SHA1

    71cf0cbab3e08667e6b7c0cbe6a72760b27e8172

  • SHA256

    4c5ecdd8fe50cc8b861f50a17f413bdd71d8edee7bfdb1b05f01a748e3d13d73

  • SHA512

    20303ff1f7860af7adc65392df8262992e4f187a25a7a14e89bb1ac7bfaa7a1c73d0845e26823d32ff26dc8a5d127daf3f7d9a631c01c66544d26edd6e6a8e7d

  • SSDEEP

    12288:YY8c9636V4ABCKjDf1y32e7zyd55QJVsanz6bO0lCI7F5tfIPiD:T8b36V4jzm8eancDf7bvD

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\UNILEVER_RFQ.pdf"
    • Suspicious use of SetWindowsHookEx
    PID:1128

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    cb98651634f16651adab1b6ccdde6e8a

    SHA1

    91261cc4afc6e2f49727d5f5184f34437e58f940

    SHA256

    fa78c5c085aa867f79426f71ee9830cc3e9c1ed8df60d0e7ce20c6f2eaf6df37

    SHA512

    bdfe0fed5d3f933e5d898d8e436ac7e0eab2832d3520410b0331d4d378e5821a206c086e2bde812678be4046133fb6f771bf5015c99236686a2338183e5331bc