Overview

overview

5

Static

static

1

Schulungsl...df.exe

windows7-x64

5

Schulungsl...df.exe

windows10-2004-x64

5

cryptbase.dll

windows7-x64

5

cryptbase.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    121s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2023, 12:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Schulungsleitfaden-CB-20230610.pdf.exe

  • Size

    5.3MB

  • MD5

    4f5411b9046c60b4d4fc9d21e6594faa

  • SHA1

    1f99a75bfda5ec9f3461e5be67ed11ce5523b820

  • SHA256

    e8b095a197e0190f5a8dfbd7d43b7c96bf67eff771601abd5230d0462e7af0f2

  • SHA512

    e34330bd00741bebac642a064f10061e763e71120ef823898e64ca55f933556d390a23233a7ad63d65dcb6a7790e55926107287a2cb54e8af78f93520e39c417

  • SSDEEP

    49152:ZnqviTBnF+tj07yogmAP8CkwS/BUFQwFQQCym4Ja2j6XU5kG5pCQFYOsqyUxnXP3:1n37x8bpCQXP3kEeiGDp3Y//

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Schulungsleitfaden-CB-20230610.pdf.exe
    "C:\Users\Admin\AppData\Local\Temp\Schulungsleitfaden-CB-20230610.pdf.exe"
    1⤵
    • Suspicious use of NtCreateThreadExHideFromDebugger
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads