Analysis

  • max time kernel
    116s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230703-en locale:en-us os:windows7-x64 system
  • submitted
    03/07/2023, 21:45

General

  • Target

    Investment Deck (Protected).pdf

  • Size

    1.2MB

  • MD5

    ae603ac744102094c88936d90333360e

  • SHA1

    8994488dd69f568c6143e1ffa0ab5ab820c1a351

  • SHA256

    05da6f73efc21aef8c80134a7c9d81bbc2f7b1177b6453b925e97654c5ad2450

  • SHA512

    cf979c176fea037636cde79e7af822eb7bca196605c53b1a3d08ab190046c48d3649ad7a6c2b83f3c19b53f74f2ca859153cc3c19f880fcb29b201e53a88b1a3

  • SSDEEP

    24576:osgNjL8rcziHMrFtckD0N93TRvPlMBoJBjhuCUZf7g80HKute7zvxoyDPBe:or1L898tckD0/RvPQonjhfUZfPuQXDPk

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Investment Deck (Protected).pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1380

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    826d4e21bd963e9ce899eb947ce828f6

    SHA1

    93e62320bdadf9e71d7f236ac032d0ee16ee6b3c

    SHA256

    1cd00827b8693ed3cd864712fb0704bdf988a928d789dd29fd12a7884c5cc94d

    SHA512

    745cf63e6ccfa0a137fa114073964ea4d5e05a0b3cb8146cb9c448bbef8f3c4f2510ac533da640f67ca5013c6a13d488aeef9d0db377c0a801b7f84f89a77ba8