Analysis

  • max time kernel
    151s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/10/2023, 02:24

General

  • Target

    FS2004_Alphasim_AS365N_Dauphin.pdf

  • Size

    111KB

  • MD5

    bf865c23cb8d3e4e4bc6bcc2393c3f33

  • SHA1

    f3a270ef46e49b205b947243547af08248f92c92

  • SHA256

    24177fbc4626e009f2aafdc76ab38c778f2fdb1c115081828c4909b76426a58b

  • SHA512

    e329be424fc5327609b2319f388dbd1d56a3b8d8268e6ad5fc58d90733e3a810df763f0ca4ab9a0d170b924eb9a2ec40846e8555690fc7ae9c8c919f2501656b

  • SSDEEP

    1536:sLB7i5pJT7SCgsq0/dzeahjm0/jnaemCBmjz7hMJaKXjZmnfhEPjQYdomwft:sxi56CLq0QahjnvBmH7mvjZmfoQ+omK

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\FS2004_Alphasim_AS365N_Dauphin.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2112

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    e2715fafbb899ecaa8e97971380ad6c1

    SHA1

    20eabb0e21b26cccdf320fc00eef8e54cee50e71

    SHA256

    fd89210edb0d906e089129c5c54c78fc6ac75a5c51ed1a90ec5f0d459c7a3990

    SHA512

    2d6aeced4f5861f8f4dd5a0d9e8c5ba750dfb564aee1a0bc337613fe94becc48d86b141baaf70adf3abb7aefa9b49da42e88ebd9283a7f0fc0c7f356e804a03c