Analysis

  • max time kernel
    1800s
  • max time network
    1567s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230712-en locale:en-us os:windows7-x64 system
  • submitted
    15-07-2023 08:47

General

  • Target

    nvo_4klas_math_30052023.pdf

  • Size

    497KB

  • MD5

    4bdd9b3a37c08ddbe8f05ea5950d5def

  • SHA1

    7db89880ef2f4dbb2c97e3d17e513c0b4cd147e2

  • SHA256

    6fb29010f250b4c0913e55cdf7f28363430dc9dfccf4f15b642dfabcc97464b2

  • SHA512

    c8fa0573ce922b59be24c8a0a7cedbbcc8ff76ffb9260e638443004e86963ad8c0799de7febbddb111c404d5f1a15f08ae7deda9153032bded16ea85ee52ec75

  • SSDEEP

    12288:dLec1JXrhOHpxNK3nFN0WzWptckS1u3mf:kczixNKX1Etct

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\nvo_4klas_math_30052023.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2284

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    14920818b60b4fee42a3370c80a979f4

    SHA1

    b359abaf3b934185cdda30990a24c9007b353681

    SHA256

    c4cad46b0e2c17f292abea30dbaa91b15d0cb1f7af4ce18a4d0f4bc0e30fff01

    SHA512

    b4cfe5277bf02f938997226b8e6e703050c47c391a78c3ba4aa8b9e6fb8a22542ad77461e2078d78943be78c87fe7fbcba0aa1fa22ff74d270ac415592e0e0e5