Overview

overview

3

Static

static

3

Succession...ew.pdf

windows7-x64

1

Succession...ew.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11-10-2023 14:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Succession Planning and Talent Management Agenda New.pdf

  • Size

    285KB

  • MD5

    43b3ce564e05cdebe91dd879f512ac41

  • SHA1

    60f6716db5d5f2e77cf9c858c4f3e65436533441

  • SHA256

    8c48e739d555e937c4b6456fd43e273f61a4ca2961cff9a744c52174fbd2ab68

  • SHA512

    5a73131e4630b55b6f6fa4ced7701bf1981a06f6b194b81a46846d2f49acc9df78d3f1140d929d9a60b5740344b77ad9f257815de5945362424c6c8eeb2fd145

  • SSDEEP

    6144:PU2vFALj4kSJmC+5/XAyvsnItkFUno5Yxyjhz0+QJKuoYMHGgH:ZvU03gx5fmnhFUno/dz0+/uj6GK

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Succession Planning and Talent Management Agenda New.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    4df021ac711480ca84b462ab41c0a6c8

    SHA1

    280891dc4b388b28e8f532d33d34c5ad0cfd0c7a

    SHA256

    a5b527cd226e8bc1c5d517ed90cfcb1ca74dbb3c44efd0f8a0c53bbb877841bf

    SHA512

    12079a4de4cc20ae097a9bfc20436bebf09725f397129ebb2edbf93b168ef444626b9dd7afa6b5f9a6654e02eceb107be05fe84b3999787f276c9ce1df83cf54

    Download Submit