Analysis

  • max time kernel
    152s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    15/10/2023, 10:57

General

  • Target

    NEAS.6312320833bf676dc00b94739ff8b210.pdf

  • Size

    62KB

  • MD5

    6312320833bf676dc00b94739ff8b210

  • SHA1

    552034cf9896c582349bf3eb269672104233bad9

  • SHA256

    b4594d18106a3db99a4f0d29d38b3038469218656ff3e141cbff9d100d10560e

  • SHA512

    3334dd1bb2a73c21b7ff1bb29dd78d6596f3bbe22a9d9c263bda15660452d68b8550a2c8649d65edb9822b0208e164b1b95b9eeb1388eb6f0b2154a16e4f955d

  • SSDEEP

    768:BAs/kZGB4lH/6abUVnhFsICo4gbD8v/8UV/yX7RY1Rb+Tn8UAGFZpMfu9NFa12gd:OGB4lHaJB9NEICIupr5qJUNhwa

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.6312320833bf676dc00b94739ff8b210.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1760

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    f6b7b177bafddb4af5af58787c0a61c6

    SHA1

    d405c24e538115a0d25516f2afb822b360d8afa2

    SHA256

    3b1337ecda573d20d682f41ac08d497e6c3a8b1ab9b6eaa52817b5288a60771f

    SHA512

    9fe68b8c55c0eebcf8ea083b8e4aff7601163687ea981175b8425a6fa00b5c674cd010f8413f9117a796e4fc8331138e6164be36fd8f32d03108083c8ec004b9