Analysis

  • max time kernel
    150s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    15/10/2023, 10:58

General

  • Target

    NEAS.c96b5b205d0a45cf46e1ec4686f89e00.pdf

  • Size

    52KB

  • MD5

    c96b5b205d0a45cf46e1ec4686f89e00

  • SHA1

    bc47f3b255911d99393dc916b3bda62c8150a1c7

  • SHA256

    4727b35e60aaee0f11ce7c85803ee26b784fd1d7581417d61eebc67111ec2471

  • SHA512

    aea50ad982d3092ac97ab1504b1e0242b7cfe66c4ef99a872e07171d7e64d722e2834dfce5536004763f10c4aba456bb87ee80db663b490c40bfee8e1ef313b4

  • SSDEEP

    1536:89uctRfvVIrE26/UJk0xfJdZCMoWDBClHOSj/yKpHr81RK:89pLvD2eUJk0lJdZCWAlHOSjaKpH4G

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.c96b5b205d0a45cf46e1ec4686f89e00.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2224

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4dd56f9a968d3979be089f4a579dcbac

    SHA1

    3badc2946ab2441caf9c6a48d617fb7063ac0b47

    SHA256

    7db8c89302d5eb8b267795b5878cb05d7f52fb85d9132187fffb6db8d7ffdc8a

    SHA512

    cc00c599752e5b94603e02b5a26165b5530300a9518e771bd5147f441f8799ad70710cf35ff7205b0e670ee2b86399b13423028c71b2389b77189a5e39d9eac2