Analysis

  • max time kernel
    121s
  • max time network
    76s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230703-en locale:en-us os:windows7-x64 system
  • submitted
    07-07-2023 15:42

General

  • Target

    502620.pdf

  • Size

    109KB

  • MD5

    57596fa93cd3e65c8f83da6af2fcf1f5

  • SHA1

    aba115d37204d74ba32fbc1b4e7a8c824cd48409

  • SHA256

    eee6a5eeab668c081c6524836cc5c05ee62b38abbe679aba5263d6ec57e3d9ca

  • SHA512

    7c0b4ec3c922199d6b8c88aa248f29a0727a7f1b1e546d2646bfc4f8190c8e50d8dcbc73bda51b5f44450e4c0a6092f3749830ece0761f81902cbf241361ed2b

  • SSDEEP

    3072:xKK9db9ICyhhxQRQ3cU5JMGy3L6Rm+9RcwG2o4NZHmnE:xKK94phh2YN9RqD4NxZ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\502620.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2172

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    519ae0d970720a0e0d45f2ad76cb793c

    SHA1

    9896a8d39afca75834e68b36985df5e586b77b5a

    SHA256

    e554d866da54a98fcfc4c5274fece0c99613ea4aaf00a419da7a3911a41666dd

    SHA512

    ed9b557f5505b85e7d8ce608f061a0ecd62b47f3ad64fc85a2a4f889d77ed2badcaf771ef1ca26ad5c95b7c2c26b07c7b3e08bb2905cb08131bda4d9f6fa0f51