Analysis

  • max time kernel
    150s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231023-en locale:en-us os:windows7-x64 system
  • submitted
    31-10-2023 08:54

General

  • Target

    NEAS.6821e9597f6de46ad926fdfe7792b490.pdf

  • Size

    56KB

  • MD5

    6821e9597f6de46ad926fdfe7792b490

  • SHA1

    1497d861828d32024aae5341a4c7a70c3303ddaa

  • SHA256

    16448f78a85866d3c3dfc79b3ba06e0326af678c27d500dbc2da5b667e32a576

  • SHA512

    ce7b125bd4e9dd5caa52feed2b16ea032f23bb3e0fc0d649dead689e4ccf96be9fd5bae69f756fab402c8a65b1e539721a96def1bd10c5c3d15f0ca65ac66b76

  • SSDEEP

    1536:FRn3llkQQw2yQqMdQasHhVSbEol4UaPWdw9QFs6LW9:NQqkQasHhVSbEoV94QbM

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.6821e9597f6de46ad926fdfe7792b490.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1186e9726c8f9a0f6372bdb2adb19357

    SHA1

    e47e24ab2a21c9fddb12ea036c3e43c4c19ec4b8

    SHA256

    d1fb036ca10a4f6761887faa2725d4c0ae7ad8619f2ccec7119c2e85703c8214

    SHA512

    2580301ef7a5997d976e7b5b648692b54dc3dde4ceafe3d525648dc3cf1c4c945f7d15b10a4a4e294c01bfc3c9c9bc54d24c332d92a347df788d102136e1640c