Overview

overview

1

Static

static

1

FFXO985_TXZ11QE.pdf

windows7-x64

1

FFXO985_TXZ11QE.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2023, 12:46

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    FFXO985_TXZ11QE.pdf

  • Size

    310KB

  • MD5

    828f244f212ab71bef162dcba4fdbd17

  • SHA1

    3a65f649dc715a4c9a7036f5f27608b43500557f

  • SHA256

    9b0560aa054271214a34d5e6f8b4f8ad10f44a2ee912584c8b5f4ed2fe454f35

  • SHA512

    c81791527d28f889784e5a2a5583954f28b678884cfe893fdd328ead6de4c62c9b69d9543925ade55cf7f93d806f598fe23f66e52c2838dc231c1e32f55bbbf2

  • SSDEEP

    6144:F6oizezFOtU3nd3p055R+SpW6OoCYwKfjfuAApsvc42oN82L:FCaaU3nd3p052m3OoCYwKf74foNbL

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\FFXO985_TXZ11QE.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3028

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
          Filesize

          3KB

          MD5

          7eebf1c7369a3f05e62434760c7ca758

          SHA1

          f5d87199a8a043b8bcfe81310d179ea9d351711d

          SHA256

          ff142f2bfd35621a38a7d1ee836aee5c47271603ac439f8b0e14486fbcfde1de

          SHA512

          ca8e90bf411094a0b91dd577a0141edb9eac157d23fd0d080125d188b8207c3e81c0042b1b618b213f9b0b08ff887a53e5f2a4eab10371cff7ebf4c94041b398

          Download Submit