Analysis

  • max time kernel
    150s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-09-2023 17:08

General

  • Target

    Document-Statement-21639.pdf

  • Size

    178KB

  • MD5

    f1430610d3cf0a69f83ac16d0732d5b6

  • SHA1

    9bd9d5a56eb0d722d4e39b9b6736b1d5960480f4

  • SHA256

    26aa5b8d70ed6b02cde1f3a9cec8393007f5ed6b0cefa4a46874d0332fa05879

  • SHA512

    deaa8c2de5c8e035edfb212b06bf56252c7615fba474104433378479190d6cf4c35ec68b3f0ab00e177c47ef1e6e7ddb8c7522d6c511f3977a0a00fba1f02dc9

  • SSDEEP

    3072:baPsO3rBugdu8ZwqUn51FncNhZ1N4q7G1ehPdlholE2zg/UB4FfDZjZDzkjnfLLB:baPVfU8ZwBn50hZ1b7GA3lUBc/bFf1ZQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Document-Statement-21639.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1888

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5525d97c20a52b78f53cf1b95139e1d3

    SHA1

    a700b62470708c143c30aae7c21794f862c88cfa

    SHA256

    75e686263817970f26db27d5d9d2b5928c9ec075238af5a3574df2f4201a3763

    SHA512

    7aad24b6959bad5d7830fa1df35148479db69eff7ea5ef70292ec0ef843b8250339aacc5aed67a9d6133700c27bb78407cb7094f78bf817c0c6520795ba666f4