Analysis

  • max time kernel
    150s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231020-en locale:en-us os:windows7-x64 system
  • submitted
    22/10/2023, 18:01

General

  • Target

    NEAS.9e0f9f1100f74bc0205158a9b1cd80e0.pdf

  • Size

    491KB

  • MD5

    9e0f9f1100f74bc0205158a9b1cd80e0

  • SHA1

    c15c9e83b58f8de9aeb2986f95255ad823b61171

  • SHA256

    f3098b43dfb4c7445bea0bd0fea3cb945e28eae62e3624b0b49bcd74fd42d861

  • SHA512

    afb0b44906c55db360832eca8053eefc4a2a84392d94f2580bbf7d99b5f620c4a2f398bf304ef6f01a13f2cda568113ad7ade811651f6a30690f6e4e5d6635c7

  • SSDEEP

    12288:Xq3i2N0CJndwo/hY8RenUMFpJSMpeK2F9lj/BIXPNdnthc4f:XgZdwo/y8ReUMF/SfK29/8FdDff

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.9e0f9f1100f74bc0205158a9b1cd80e0.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2668

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d1e52ed0b40627e611e30e9687020df7

    SHA1

    488519f540fc0320b5c86c054931962471b854db

    SHA256

    bcd0f8282d7ae033d2ed2a5352398d1fa0ba40244f60e62173ed379b8aaac0b9

    SHA512

    ad9219a82e42dc7af1fbf414fc7ab82be133b6a3e697cad85041f2436735dc0e0604f2c6ba151038f1687bb72497d13b64d02c8390f4dfa3d8280d341b832f74