Analysis

  • max time kernel
    150s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    14/10/2023, 08:19

General

  • Target

    NEAS.deca429bdd05018b55b23e519e6e07f0.pdf

  • Size

    69KB

  • MD5

    deca429bdd05018b55b23e519e6e07f0

  • SHA1

    f5372c6435c23f1d6c5cbc745a324e8e0a3ee6b1

  • SHA256

    2437123ca9b3d0c7b9c1a3582d27e038e5e8c08362f4cc2880dec58bb5f1a8cd

  • SHA512

    f39a5161ddbbcb81553f13a4865889930f53192c6782a5051335095b06b4f46bbae002c43a9d6fd94ac35fecf7d0fb5bd938ca83e982aad9c4784462ad0cca9d

  • SSDEEP

    768:VzmBONlyZzC9czr5eczDA+GrQ3edrjzeano7IomHJ+7Qh+GpaOwikATyl25PFo5v:+Zh30sDV3jojvRPGsq5p/ki

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.deca429bdd05018b55b23e519e6e07f0.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2972

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    7c6db33725b82de2d73bf3fd4bf99528

    SHA1

    9f16957d24b8a5b2e2fbe1f25ded32741f5eee57

    SHA256

    c570b6088e3ca1e159a8a7184025a29ac6f21a1f047a1fb0f024ea644bb9f31e

    SHA512

    b254190b71007f43731d0279826fd01aee7499d2790bf4488f5189a3660a3fe248591bf6d245fad4eb347e155378eb971be2a2d2880385d841cac0ab84b8a339