Analysis

  • max time kernel
    163s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-08-2023 17:58

General

  • Target

    attachment-1.pdf

  • Size

    68KB

  • MD5

    2b3be1eb3d7b6138267adbc5b8b2aa1a

  • SHA1

    82a9779df2f99035471517f003e2c2f8d0efdf84

  • SHA256

    0b3d3c4ec597fcf198f191a4e38ad41daa5f03fdf70e5afb487b9058e900463c

  • SHA512

    5186ab36ea16231ff3fbe5bad3593dfc4c66eba89a132440719fc07bcfd6d9291a3a7e9fdfa48d133a64700a53a525ee21824a8514b76412b0952d45593b52fb

  • SSDEEP

    768:g1kZ6dZJR6wIwwMg6g+/fe2ewMerePQu/WEbFMkD3yhJAxZOjSSHcKds+Afsz3bC:g18IJeCyXvc0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\attachment-1.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2796

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    8ac4ad592908b20c1a0e1bdf87af212b

    SHA1

    d51f74a0ba8ed1f22c640840a1f20baa7f80ac24

    SHA256

    d6692437199828c29b098d60f8cf4679cd6c449d6d1a5cc87baf966a334b2e47

    SHA512

    82fafa3fc48e99efc6d41db2c5d30e3800f2f14039eabc35b9f34c2d72b478a8da2400ec410bb2cf5d71fba636114f069873873e81300190bd1b2526a547ccde