Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    14/10/2023, 12:25

General

  • Target

    NEAS.0ef91d1ab301580f0b0513cbf204e8c0_JC.pdf

  • Size

    170KB

  • MD5

    0ef91d1ab301580f0b0513cbf204e8c0

  • SHA1

    3d6b0d1edd79eb6d0280bbe0076a5a87de7ef409

  • SHA256

    bb04105926f54d0e7cbc396f53d4695c285858bcb93b9d79e190651951b5648a

  • SHA512

    cfdd6f98f06809736d779e998b4df3edf696075f66b4e1be90191b1683b3a64fdf386de30794dcf72959a7c5cbe4c49a3087fcf67f8e247416ec2eaa25a82841

  • SSDEEP

    3072:l6Lu/AIThL2SFYLpTQ/EMY05rTeqo9AT8r2/v5oDgJgrXI1S9N9t:b1FYLpk/S05rE9AT8r2HSc2b9N9t

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.0ef91d1ab301580f0b0513cbf204e8c0_JC.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2360

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b3c7c32d1fcaa804803e77c5c41650b6

    SHA1

    b6dfbb6ce3b4f822b40a749d9de2d9000520295f

    SHA256

    fc2fde2960202faf1a9f9f7fe8530eaa446e941a054c586a070c8e95b640d425

    SHA512

    ec2ce427917c5c52b93f0dbd7d1cf3dadeb96fcab13bd636359b39be547941a0395fba826d64157e316507968014120477e6a5f29ff6c973d4625170954c2a99