Analysis

  • max time kernel
    150s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231023-en locale:en-us os:windows7-x64 system
  • submitted
    13-11-2023 04:59

General

  • Target

    NEAS.806f64bd66569bb80c454d274c613930.pdf

  • Size

    47KB

  • MD5

    806f64bd66569bb80c454d274c613930

  • SHA1

    14dd19eb29ec288fdc69c92afe52bbb564c00c84

  • SHA256

    b02de731dd0fb728b03c5f25f04182f895e47aa49416475ae64e6c8dfacfcdba

  • SHA512

    61341d6c65a09d7720253b19601d5781a042888e31d9002d7e2ef00de9894805ec5e27d3ff7c7ced2fbbe0dbd553fb67b42eb9a90cc6f179de420a31a70451c0

  • SSDEEP

    768:O5lQdi4rZE+fp5ka8LX/HRJvJIgye7zWKUwV0GecnIgxfsrZgbETW38noy1C+:OU/W+a/H7vSBWnDxEKbB38VC+

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.806f64bd66569bb80c454d274c613930.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2360

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1fb8812d346d2cda1083f6602d31c701

    SHA1

    9dc7b14fb2441d3b9d5206f8b9cfabce47d55393

    SHA256

    75ea05f16690ea9a96aff0776955bc2eb47db6023de0fd3297457dc413241538

    SHA512

    04396d1a7ba2c95ba7158981dfb74f4115fbb5dbcfb62ec49b75ae9d9197dc70532573aea6835862ea9c67cd5a427daadc68f1730f19c0de7c3b375fa937364a