f5cf9afaa2944a1318e8b23dbc7685ed12558933879b4c475facb42b3fb540ea | Triage

Analysis

max time kernel
302s
max time network
128s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
13-09-2023 02:26

Sharing

Report Analysis Logs

General

Target

Supplier Expectations.pdf
Size

111KB
MD5

1a651471750be552d66d7deaa8666024
SHA1

8caa71ac1c273a5dd1f321e83b52c0ab29375553
SHA256

a87d12005cab37b42756a825264a27ff21789baf7567b9db4d14ce4ea7e49b4d
SHA512

5b238ebc4799c88db075c4c608a29ff6dfae344656b35a16c6b2ca99bc20758b742e954b941f3c120b4b8454dcb49e00d9bce339a2202ec77b9d79f444dfbf23
SSDEEP

3072:zUUNnCHF3jcyb7fexA1pkii6TXzihi3l2iy9hHx:zJNcF3j2xADdiYzSiVQ9hHx

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1808 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1808 AcroRd32.exe
1808 AcroRd32.exe
1808 AcroRd32.exe
1808 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Supplier Expectations.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
27ca3e381b873903aaeffb53e490516b

SHA1
fa81b8be818ccd15f18834666767395e0434ae7e

SHA256
2894f5802426c2d17d2db645fc732543e1a620f6d606154123eadb8b3f1e58ee

SHA512
186f405f9b35741d612cd5545a79ce70ae7a75aa66ca96876a42f2adffbbf1db13a758d24db23b451c7e8ff7a8da0b7d56693c1f504e84bdc9963ad7f717e4f7

Download Submit