Overview

overview

10

Static

static

8

1.rar

windows7-x64

3

1.rar

windows10-2004-x64

3

Ehhbsuuemv.exe

windows7-x64

10

Ehhbsuuemv.exe

windows10-2004-x64

10

GjIEmKW.exe

windows7-x64

10

GjIEmKW.exe

windows10-2004-x64

10

Jtvcsfni.exe

windows7-x64

10

Jtvcsfni.exe

windows10-2004-x64

10

OriginalBuild.exe

windows7-x64

1

OriginalBuild.exe

windows10-2004-x64

8

PUMPED_docc.exe

windows7-x64

10

PUMPED_docc.exe

windows10-2004-x64

10

Servicing-...te.pdf

windows7-x64

1

Servicing-...te.pdf

windows10-2004-x64

1

cgu3.rar

windows7-x64

3

cgu3.rar

windows10-2004-x64

3

debt.rtf.rar

windows7-x64

3

debt.rtf.rar

windows10-2004-x64

3

eeee.dotm

windows7-x64

1

eeee.dotm

windows10-2004-x64

1

egor.dotm

windows7-x64

10

egor.dotm

windows10-2004-x64

10

errr.dotm

windows7-x64

1

errr.dotm

windows10-2004-x64

1

example.dotm

windows7-x64

10

example.dotm

windows10-2004-x64

10

fasfs.dotm

windows7-x64

10

fasfs.dotm

windows10-2004-x64

10

ferrr.dotm

windows7-x64

1

ferrr.dotm

windows10-2004-x64

1

fffffffnew.dotm

windows7-x64

10

fffffffnew.dotm

windows10-2004-x64

10

Analysis

  • max time kernel
    152s
  • max time network
    36s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    16/06/2023, 18:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Servicing-invoice-template.pdf

  • Size

    34KB

  • MD5

    d422843d566db462f7f8f6bc3be9ca76

  • SHA1

    1b1b89d8227af285a658ba64a15e1f0a56953e46

  • SHA256

    3fff1be296432c5b2cf165c63110531e8e4aa3e31285d1800d0ab92ece7e5c3a

  • SHA512

    a62ad4534bd8b274df69de3dfc64595137941097742173f0e8d02307f35b5344bcfaf3151a203d6f5a24f2a4300996e7713db729763516cade8893e62d63e9cc

  • SSDEEP

    768:zzy3jjj/ZX6HmbabFA7FFFjgXUfUU9ivyoWYU9NlgxUh3:zzijjjRXIcaZAtIyo+lD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Servicing-invoice-template.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:816

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
          Filesize

          3KB

          MD5

          b9d2bfc780d6fd22dda022b6a0b148ac

          SHA1

          b644e64a74739d54ef6e26bf4bc25330b2072482

          SHA256

          b16730da6cc21601eff7465af7e415e6d64d71123b39dea7b54f78b4468c4fe7

          SHA512

          c50d9188b53c72a84a207767b4ff175e1813b437e12d76c7b89db260cc7481cff738a5059d57751c99e13795eeca6c666f8f34d41b78ff06c18f2f3718b54b3f

          Download Submit