Analysis

  • max time kernel
    151s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/10/2023, 14:01

General

  • Target

    NEAS.1bd421e9f0fc49c07e50f5fafe6bed50_JC.pdf

  • Size

    366KB

  • MD5

    1bd421e9f0fc49c07e50f5fafe6bed50

  • SHA1

    832aa96eadd68f2eebe0e040ed934e557c6030a1

  • SHA256

    549c1af0317e5e35f210f04dffbf649ec24253bc2589c5332995b732c9e7c99a

  • SHA512

    e55c4cc469f5b30149e647334bd404206b6e0962e9fe8808e9056b3ac0f016027c61957d60d9d982200f41ecc4bd5ea4ae12e634279dc504be4d16910ade79cc

  • SSDEEP

    6144:OSgNPgugO07xWsp/E0qRKKfwX6//L2qcWrzI8CnNhtuwU:7WguglJ/xQKmyEZcWVONhtuwU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.1bd421e9f0fc49c07e50f5fafe6bed50_JC.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2860

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    855aa00289fad610b7a6a432ebf033b5

    SHA1

    082fe6643b5dc7b20940ab2b38a63c523143f2f9

    SHA256

    36341298762a714ba80618891c0eba5ff14e51060843d9ea0ccb819178b29a74

    SHA512

    8a4b1953b2b65abdcd97a777ee1bf12296c599b143498aa4f3f915bf6e86275bc3230167a63d2f2401f5937c75cd65a357bc73cdc8ee978a835f62fb823b1d67