Analysis

  • max time kernel
    151s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/10/2023, 20:25

General

  • Target

    NEAS.643adbaa9701b75fcee453252315b030.pdf

  • Size

    59KB

  • MD5

    643adbaa9701b75fcee453252315b030

  • SHA1

    f258931801e784e184a21d2415dca30413074df0

  • SHA256

    5f9f38978a7ecab39ad58b2dbae865bf3e9cd9d4f2e59ee4cb433e493cf24e2d

  • SHA512

    804a57b32801b6fcd6c9652368915cebd1b33d50c854990f6771bca14c3ed08431a8c3fa2aa07c27affb406dc764c407445ba9521c4371bd6af2d1219d2f253a

  • SSDEEP

    768:Vzy/wd3z12JgXzhThztm7SezjoeGd/KdM8aZPZH5vWBaiRBP4bhov2MiofrnqG4u:MTiQSLAbP4LFojvRPsmq5p/kf

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.643adbaa9701b75fcee453252315b030.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2124

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    f882c5b9fc44296eb44f171d67a820b3

    SHA1

    57f92617904ad0b135ff864596c1cb2e1c96361b

    SHA256

    cbdfae2d668b6f27c9c31be3605e28b63c36b884083e6a15010c32b7e0b81d25

    SHA512

    4260ca608022d4002453d698e61b04bc49f4d608a684827950c4732712ef59965078ff24d25f863708da6b3f532eb5693e9e3c3d7441b82bb47f870d696efb9a