Analysis

  • max time kernel
    150s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    11/10/2023, 08:03

General

  • Target

    George.bonne 2FAuthentication ZX7T8YD25F.pdf

  • Size

    18KB

  • MD5

    57dd5d6ae9ea34b408ae5fe35c22eb07

  • SHA1

    e914ef3e72b08491da22fe9cf5cccc1a73b93da9

  • SHA256

    001289caea21c046ae2f87328fdfe2395e48f6f9f5d0adb8206d2e132095ea2e

  • SHA512

    280e8037fdf24a850a58edd999530934f2bcf13ea6788383b579fa65ffdff6a4574c0c1d8acbc6d5d5aba812aa22e6cb4e1db693a250e3c5c252939bce0b0544

  • SSDEEP

    384:jrAM5jydH4V/IEQ+JckVqXauh1xvKNybzL8S:jrdOx+r1ufxiqL8S

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\George.bonne 2FAuthentication ZX7T8YD25F.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2244

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1576138b23fa03c85acc8fc2855ad254

    SHA1

    953b252f62b745276b3c688f22b6f1b17031dbb6

    SHA256

    0446854885272e03066f3e1863c6ce120bc3b2d2fb98046b0098ef06aa362566

    SHA512

    70fe8d32a1be236b1ba1c20cf61b92e9505ae214093ef154c0102691a80c10467671acc527fb2c2a4f14fdc3b27f85bd29a4f132a663df4fb7ba537aeab7c99b