Overview

overview

6

Static

static

6

sample.pdf

windows7-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    29-06-2023 11:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.pdf

  • Size

    2KB

  • MD5

    50f57a4a4bf2c4b504954a36d48c99e7

  • SHA1

    5e58f3ce5b42d1b3c1658bdc9db5b27b4993a3cf

  • SHA256

    b6d26c5b2b2300fa8bf784919638ba849805896cf969c5c330668b350907c148

  • SHA512

    1a60d650f9729e9f1ca5b514246677752d75145168fe8176b4270d56ba2189645e0c5dac3548ee1078dac365457fac8d5c836127438584f9c103e6eefa9b8872

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\sample.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1412
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\A9RB77.tmp\DayOfGermanUnity.html
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:268
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:268 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1580

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df36f7904fe935bb057707c08c1ad6e2

    SHA1

    74a91dec5d0d0597c60b01d50f949a3cbd329197

    SHA256

    a0c41c95d44ae0448cbcd4c07e5f734f418c8a83fa1b90abec95757453ba1140

    SHA512

    fe1782acd6443df353b593747d01f6d95b8577b57428f12a25f6a43dd48e418dae6ae6077ef93832217551b9f1727f91359306ac48ecfe536f1a3b9136a77c25

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    799793b2c9ae4209b45add19276d8937

    SHA1

    42ddbf0a044f289170504d8b69f8036a0984a315

    SHA256

    469e877a5d77f96f53be43473373c3fc93b5401c370db110f5d61c721c66326a

    SHA512

    5b1ce0dea03ff2ad684a2e72eef67c09abd206216af43a4b29a9a244418ab6ff0c50500a6055b0af09389704cb7b38fe44709c9da3e4092251688c9fed3b9c71

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d539c9d3064885d04f167a855150917

    SHA1

    a5947d2c8af4cba6358de398dc7d9eeab800087e

    SHA256

    f01051103eda93e7570c8884d94bfd2f9c485bd3c7e9e4abaf45ad48e829b720

    SHA512

    2a5e51998835b86828685f1f18cb11ed5ca025ef6298c077f457fa017a3e14a575716292fbae79b57ffc2cf2ecbd8d716597342396ceba38981fdb1b148c0e7a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fa1cb3a7b0b8c29f31ebc32869f8fb1

    SHA1

    00a8efb4948a1a9d962707a092e086f27e4066ef

    SHA256

    f0787b8d9397ce6bf2f4c2d17fca9c5b4955715c815e41546c58cc6d5c821525

    SHA512

    fd232d60957827f774f168dff0720da312662e80f73f1d983e4f1831e95150b5208b791d3c779d47a2a06a83ceab7c7c4879e9aadfb11f56fe2d6fdfcb0f24c5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8729866ad42ca0f2d0334e30d2fab93b

    SHA1

    c691a6b7d34e2585dfdca342de11660c05be40b5

    SHA256

    00a15fa08a327dab424a738edb1bd0e9f0ed43bc60cdfaab322874e18db7688e

    SHA512

    0b0860231e31f0dbc216c974a4f6b1aded93b3728cc141be0f2a1392dd2b857012abc5b8f182eb96dd350368148ac1a92429493e0afa549a0bdb8fb172c135be

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24644bb9e3226f3cc10c406a2b0af802

    SHA1

    39d96277ee435d270a57ed27bd4338837d484d1c

    SHA256

    709ada88edd5b0be18ef29895cb3d04f6de1a8dce67a539b156649ba09d861b0

    SHA512

    991df4ef95be9bce6d46682ed690059b602a96a52ccaaa52982f5d88592f14069ad4ec1e974f5920dc5016f3eed2389f866bd24a29baedc3125e5c7f4cd29aad

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93ad4f1b1046033d941385ac73ea5b7d

    SHA1

    ffaa9751041327ab8e115df2760e031a42deff94

    SHA256

    7da708d6a096ef5fa8a80c80d2272fc16378e92247b72539cad8c217a1e1c0e3

    SHA512

    665f9534c83ff035e5768bd90f0695dbae43a39ebf5fb36cfa3164f38b08d4a0e32381a6fc1c8853c1c8bbd0e4619c338215d6bc7c1d677deea30d7cfc95e5d0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a88c0bbfdd5fb6a88e7edb2dde5e3738

    SHA1

    d51ae32f591ee85379f930f3aa17ce4bdbd9cda3

    SHA256

    c869f0791b272d3b742dba9d4c39528a7e1b0766979625e3ec25e5b3539e04c2

    SHA512

    cc02f3b6262e734b5ae9e12a61626628d0910bae1a90a88b266b9a0b216a1bbcbf2febc5cb6ecaea0a7db18827d23fb45a11be9d4beeb864a012ed962d1e3f9b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b2158af7d544dd057fd6d7b1f78484d

    SHA1

    7c96580edffd072e2cf8ee1594710e63904525dc

    SHA256

    0e1b12ed45cb2b3c113cddd6f566db9ed583ee2388e5ac197427ec214905aaf4

    SHA512

    4d0c10cea4df9815eaa5c5868c095ba1e1945ddc2fb3e633d8e8779f970c78f00ee826ee632979406665a200ce66abe0260936add93178ac60233da54ca52807

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3a9559abf1901d7af00e77341979bb6

    SHA1

    b1048910b1b006213f468989e3ac2faa0cddf9ed

    SHA256

    7ccc20139b113c8505ba394a3c3e5afe90e34c0924fe2d87ff5313c5e8fb454d

    SHA512

    f03c923c26756c1dc248a56e78283e91a2af437d44e364cc741dd6642a4275c5fd333e5c1fb673d89b339627c1287c342043a3febf48a8beb384d40876fdc65b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea588e9efaeb7f2c9a9771e2614200ce

    SHA1

    ef72d10f60a476ec510267edeb7fcdf34050bf34

    SHA256

    2f83e3d09dc28acc7318f5d8aa6aa13accad68865a8d6bfc6806670d29d4b96f

    SHA512

    07760bbbf80cfcf5bb07a9aaa05bcd56523a83d5700c7bb1f53cec9f44c5c436f733d1829330619baeb45897b3e95e890891bb5fdc7b66bc21bf5a2e93d006ef

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eedbdfdc47f6aa64aead9ad91d1704c6

    SHA1

    f3136257abcc82f1b9c1ada6974630d5f5e04a5a

    SHA256

    e993b97849c57e95f138c1df712732c08f0277f4088b0241746862445d861c31

    SHA512

    833dc792e78ff7d768bebdbfb8172512fc0b6e22954d5872cdf69afc7a966fe25ff2046138b9f51ae8bbba0a9a0515804f12f1aa7b5dc126b462bebc3de95da5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a7dbd3a2c3daec6a11c2e53850c1a64

    SHA1

    201794a2e009b0989ac5f5f17f589d74f3281703

    SHA256

    75b0fccc39b33e6ae50ecac5f60528e326752e7ef874261dff366d7b1b3ec4ea

    SHA512

    45d7496f806308c59c5c0965edf2afddf0520ebaa9a72ab7a50c71e1e9b95c5cc076578aa1f25b74f0279999cf3964bc36a699208ce98afb88c2b867446aeca1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12540d2d14fe683696aac2f7ad4c44d4

    SHA1

    839d970ca96934a0b75885af6f397ef8dcbe988d

    SHA256

    a237d46dfe304e322205b4bdb97454f1bd860a2ec1a7fa000e3a3b833cc3361f

    SHA512

    d924ab0ee739c704d223f81e8ab3e3aab0efa06124faa06bf7a3b41a3a2a9ac231a471ad96aaa051ccd5395ac29843b743e9a3e21df4faa18fc77b7937d7c47a

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    270c3c2abeee28deb2e414c775353e28

    SHA1

    b1709072bbfae3a7d1c1a6f5ab7ced2a10a734b7

    SHA256

    c0159052506d40cfc696644a0f05713c6434220c9f7c7681841ab8b769e99dbb

    SHA512

    6c1d621d99579f7a43253d57f2942c126f17efde6d420d5265e0f2d858c35dc047bdc2ecfbfd7b2c8950b56616a17ea2b21236c2936cdf8670ab3569176e91b9

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9STJGIJX\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\A9RB77.tmp\DayOfGermanUnity.html
    Filesize

    1KB

    MD5

    ffce57940b0257a72db4969565cbcebc

    SHA1

    1005e63600f84bed063e717e593d359d39a74c1f

    SHA256

    047e750bdafb9fe1d78e62badfe98ee3f4915c05d5fe34c45013b49970357f24

    SHA512

    3c9ef3206636ec3fd82713a226d66a8508481145cb56f9ea28716693a535225f20e5e6d65f0caede3ab652a1dcde4616012ce9015a7e40a9d3df43e9b4a68252

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab2A5D.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar2AFD.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    d3a182e1f777952707fb22e4706c095b

    SHA1

    7b326c034a644f3114fd7e9c6461caf7bbaa99c8

    SHA256

    681f0bd0bb0a2ffd2b037af82172531c5ff45571a8810cd69388e3d42188d4ce

    SHA512

    0e6c497f7723286141048fa736a8dc337cc4629dee81afa806396bf5a3577bd8fbf1c899920010d1a0d474decb1112de451b39de679d9fa3e611369169e377d4

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\R467SO1Y.txt
    Filesize

    608B

    MD5

    eda5f08e4485647c98322f19710ce4cf

    SHA1

    1944297572be3dd7e08815c676f2fae6067043bd

    SHA256

    a87a2332dd3528fa8009a889dff0db982609a484c4df3d53808ba8d962c85af3

    SHA512

    1bade3fbe6f22fa98f837ad5018fcc12f2a7cdca49ee79f10c383ec26ef1b84ddc8ec4bd06e88331ecbe0fd7cde0b55675f26e907545954a697fdf48a6ea802f

    Download Submit