Analysis
-
max time kernel
266s -
max time network
296s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
-
submitted
11/10/2023, 18:37
General
-
Target
NEAS.280620c1c58d75b8efd81027b53b4930_JC.pdf
-
Size
486KB
-
MD5
280620c1c58d75b8efd81027b53b4930
-
SHA1
57b38ff0ad4d1481d4696b3a08e396f08062bb4a
-
SHA256
05d76a00dbe048b95fc221ff094e48339e43abce05a978a7d4914bf6a2391dd2
-
SHA512
11567ffa6bc610e6d9b9229e2448197343cd5774c1b0c4b6cce14b3fa519f6c7d6fbb4b81d8a3b48e312b49727dfd0c442535747bdf6ab33070e8cedb9508b85
-
SSDEEP
6144:hBSu7R8l3MQ50mDH0xIAMyPCm3LseeXbj2Xmn+aZs6JBFz5F39vUwmgWTZCz8gRT:fR810S0xIA2UkXm23ZsWBFz5Xegf+Py7
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.280620c1c58d75b8efd81027b53b4930_JC.pdf"1⤵
- Checks processor information in registry
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx