Analysis

  • max time kernel
    150s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-11-2023 09:31

General

  • Target

    NEAS.20c6de1bd0bfb628dbdf4420705950a0.pdf

  • Size

    48KB

  • MD5

    20c6de1bd0bfb628dbdf4420705950a0

  • SHA1

    090ba5f585ac00d606ae0476dbf4ae6f87eb237b

  • SHA256

    d01e591c73bc3d72138b3e2a04538d961683026f0c5a40e49247cdf7fea917cb

  • SHA512

    6bb07970761205d966dda0500e86a8de60e5b075b444b80fb611a35dcec77255cd535fb14f82af6a4df56a3359755bc7ef70e1bbe3f55b2ea0aa2fe48244b325

  • SSDEEP

    768:Vzf9zZNoTytqbRVo7bPe6sOnnuft9y6rl3wJWCc6Kr4XSjjFYLpRr8Fy6X8vkY7Z:NznuFaJNk2SFYLpgSJJtP9SjIm2LL

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.20c6de1bd0bfb628dbdf4420705950a0.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2156

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    8f7496ef710817cc301d90a41239aad5

    SHA1

    73ea7e148f773e44430730aefa5434bc40a392c7

    SHA256

    d42a900375f11369b607856f9d8bd69be6355a61fa09565ca790d1a22030371e

    SHA512

    c484ece70b1c0aafb53911bad632864f67f65b5a3d9a7125be2223446748c1ec505dd441d3c58a40aafb15519d1fa142ccccd0fe5510bd2302529afe7ca610d6