Analysis

  • max time kernel
    151s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    16/10/2023, 18:28

General

  • Target

    NEAS.8f9201e80489d10e844df9c9210a3950.pdf

  • Size

    494KB

  • MD5

    8f9201e80489d10e844df9c9210a3950

  • SHA1

    29086c2155eec07ed1048ff8e6f744e46f636ccf

  • SHA256

    069226261d43be78d75fc9bdcb30ed7b7f245790eae3615af63040295833d1ae

  • SHA512

    4e600c3fe8df9bdbded36b826ac7b9d1f1a91285ab9a69ca769895bfa6663626104ae2d34f8c16c7d741066d539aef32059af725f26aa5d6f828509950f80f4f

  • SSDEEP

    12288:MAlZy7ohbJ7r2b0Ok5miuQr0Qp+sapCCCC3QmtrfPCc5dzB:MJchJ5OCmjQmrXLnzB

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.8f9201e80489d10e844df9c9210a3950.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1068

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    ca4f8d126f5c4ede8793df2dd8688f9e

    SHA1

    1086548368411644008e9c97be0461592ba34ae0

    SHA256

    38e4068993fddb844ab68993d7ea9a8016c4ee920cc7025cc941c95cd97aba1e

    SHA512

    f0edc47d410c1a996ff0a70e1837f7cfc97dacc00a5dbe037e94b0ed0f3960c0a759bda48eb0c0fd5c7acb9658e6e38253de4b0db93e8389df563c59025c2961