Analysis

  • max time kernel
    178s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231025-en locale:en-us os:windows7-x64 system
  • submitted
    07-11-2023 19:14

General

  • Target

    NEAS.cf6c08472f7d77cdac5a4e321de92df0.pdf

  • Size

    114KB

  • MD5

    cf6c08472f7d77cdac5a4e321de92df0

  • SHA1

    b5303b31f8b62a1b9216c01929828d073b7b0066

  • SHA256

    117eee15be7b677557a6bff2dc33b12b3cb9f71a2dd456e131f0208d6d15a4a5

  • SHA512

    a9379b795560a38638910791e16960f59a55df0b6f02893d80d074395eec9689cd4aedd7a4313b5a3649ec08a88fe89a440e3201a870ef948e4f41a3ee1da8c5

  • SSDEEP

    1536:u897i5pJT7SCgsq0/dgeahjm0/jnaemCBmjz7hMJ1qXjZmnfhUNjQYdob9AxH:u8pi56CLq01ahjnvBmH7mmjZmfeQ+ob8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.cf6c08472f7d77cdac5a4e321de92df0.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2868

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    97bf11be3e3f0719ab58ebdcde80449e

    SHA1

    57e4833164ccb8675e20e7a58606fbf079bfc9df

    SHA256

    24af3dab5b3c9c9059c045e9069d7c6520a4a98bbdc98b088ddd4c41c56cf024

    SHA512

    32827738090105b6be51e998b3b9b4dc7290ae77e3beb07a9056332b78894b9cd07bba743f5d97c4b8937c9297dced6d17011af49e9ff32445775e9965fb215d