Analysis

  • max time kernel
    152s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231025-en locale:en-us os:windows7-x64 system
  • submitted
    03-11-2023 04:03

General

  • Target

    NEAS.4a5d6946a9b23ea9a99bf2a162f7c5e0_JC.pdf

  • Size

    286KB

  • MD5

    4a5d6946a9b23ea9a99bf2a162f7c5e0

  • SHA1

    a546f6fb4f28137f86253c5266c6a6434f5bc32c

  • SHA256

    2bea106768b0cd78f5933a93d7c410237d14e8ba73f863ad55394ba06eda1784

  • SHA512

    30a086b4013020725977b4c081a1a15b45ecc5a788da625cce30989c4efa62bfc19cc625a8eb9ad755c2b013d04b87802102c9421425de2444f81337f0532f26

  • SSDEEP

    6144:O5pEUVi4XxoS8WRtBADlCrW36sc4wI65ZWGJJNwk8ucW30LZj+u:O5pEmislAJCrW359HGJJ8uREdjn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.4a5d6946a9b23ea9a99bf2a162f7c5e0_JC.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1588

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    504c6b91595487b2fb07d17d749e44c2

    SHA1

    9410d403fedf112b77e72800641cc5868664eed4

    SHA256

    76d74bf1e62f108cf004d79802b9aa010332d92c70cccce7fd24d543654cb617

    SHA512

    d9eae6b4b519221b18071d482393e09562f14cba0313e38ed950d6300f949919f0e390a8e11c578ea22f8e9bbec95268be6846bdd1d5aabb2d393f573cce4b71