Analysis

  • max time kernel
    150s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    16-10-2023 18:32

General

  • Target

    NEAS.ad065a659136bc9e4304be5b9ca710f0.pdf

  • Size

    74KB

  • MD5

    ad065a659136bc9e4304be5b9ca710f0

  • SHA1

    94ff199598fb849c7ebf98e37939a30c279d055b

  • SHA256

    59561f52a1649d111b8576a884c96ecdf68625006659e5c5cde15ea9348d1dc6

  • SHA512

    a5fd248e3a052dd3f6ba8269f08522c741addbf9c64d0fc5b28a76cbf16af236f142c911cdaa8f499ba6b4f3af08301e8031f9fe85479ab21a19c42c34071107

  • SSDEEP

    1536:vFIwIelFqR053K8OpYE1G6voBvHQloWGZ5lX5PWFjQ3q39z+4eupY:vXIoFqmAXjDvoRk2bVEKqF+4E

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.ad065a659136bc9e4304be5b9ca710f0.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2108

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    f5c88a24d59a7a83b7f81c605cd88132

    SHA1

    7b213e609c0f5b7c5473eaa827ac2ad139008713

    SHA256

    9304325a6f589e366fcb382c9ea278207042da866bd789930964aa0dce10ac49

    SHA512

    49a03c25601c066962248606bfcaddd39affee69d222ba21f3e337268d5ca05a88e6e6868dc5e75cab80fa54e105c8123311a53cc1e88cbec45c555230353066