Analysis

  • max time kernel
    151s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231023-en locale:en-us os:windows7-x64 system
  • submitted
    02/11/2023, 20:44

General

  • Target

    NEAS.35897f66dbd4185d65181830295383f0.pdf

  • Size

    196KB

  • MD5

    35897f66dbd4185d65181830295383f0

  • SHA1

    1ef26606ed68a5c4c63fb0322ccb42f0efab2275

  • SHA256

    58d63d81fb9743f5862ccb5480bc3922640f162b76b7731f2c1ae37899e7d5ca

  • SHA512

    6b6ec69b55af5e829b7df7eb174dae0246e58ca67d4ce9b14e77206a71d40b53187cb934285bd42e673e581951637a20fec8267b5cf88a5dbd974126fd9914e8

  • SSDEEP

    3072:s5Jy6ernLX59bbmHcDJK33MPsSzRIang4XYMvRYxtTWKd332/icG0dShS3hV47:se6ernj59bbm6JhhlI+J6WKd2acG0dnO

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.35897f66dbd4185d65181830295383f0.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1960

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    a5f4b686e639fff3a471b99acb00fc75

    SHA1

    a37189899c2932a882dc65d6dd7bbef8a5d035ad

    SHA256

    8137a72d18f17a7ef6461ce332cb47eef8e49f15bd706bf69945a2c1b5830599

    SHA512

    c25c346d2c04a49e17260e43c4c8e3cdd7f83de0ed51287084ad588e49dfe04db9443c8eff46047f22852a2cbe42870f2989a27065a4aef31aa559de1e57169d