Overview

overview

3

Static

static

3

NEAS.ef78e...70.pdf

windows7-x64

1

NEAS.ef78e...70.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    22/10/2023, 18:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.ef78ef82a4c1f2d3d9a47cc38bb2d570.pdf

  • Size

    34KB

  • MD5

    ef78ef82a4c1f2d3d9a47cc38bb2d570

  • SHA1

    fee14e45eef9501de5c50ff3e4ae149b41c652ba

  • SHA256

    ec9cf9dea8a83f529d91e5453352019d796498f241c1afc9bb9b1a442e3df7a1

  • SHA512

    49086cab5f829eca1b07d121363d199043606e9b81962e9fedf107aba7aaccc208f18c7b1dfa6ee1815560c10426e5dc883df11bbe569d0a029a3693361a834f

  • SSDEEP

    768:o2Syw77sXRqXhnoCPwkWOBc1LblVBfF+kBF/tLsvJd1KbpkJ0:58RwhOcLJjFVF/tAbcaJ0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.ef78ef82a4c1f2d3d9a47cc38bb2d570.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    5dd1addc8c182d706b38d85a7100052c

    SHA1

    0dde8107d94ba223c84f419cfaf520fb46f95720

    SHA256

    add6d3aaca38186ea8480756fdec19829a39e67e380ba806333df7823b6f4b38

    SHA512

    c1c0543d77ee212a3eca9b05ab6f1badbb7c0b0cfa2634e9d57a5c3270a3ac6ed97d166d9c2df1e7d39bb3af32532a98d3f8d474731e6a23230da52999627b73

    Download Submit