Analysis

  • max time kernel
    152s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231023-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/11/2023, 07:48

General

  • Target

    NEAS.43cd96da9ae8fc2d4e117aa52d229f80.pdf

  • Size

    120KB

  • MD5

    43cd96da9ae8fc2d4e117aa52d229f80

  • SHA1

    746442571b89f0eab4d85117a12a5cb55bc5e78c

  • SHA256

    2d39fccfa9d85c84fc69c75711db23f90d2e00b004256d370d07448c6b1e98f9

  • SHA512

    ac00e53f6610287dbc22e153da0bb59bffd8a030ac8f041eaa58f8c7fc2f61761507807a6463804ac12424c922cb411e6aa8fbc0bbb5f826641b42af2c7c7355

  • SSDEEP

    1536:HE80m3GtfiWmX2RgBkLZavod+VBJ3M37XMOANB7nOF5bnCem7sPzMTLoboB:Hl0jIkU3Vb3M3TNwe5DCemoGdB

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.43cd96da9ae8fc2d4e117aa52d229f80.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3048

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    84a8bce24410b9443a998efc2b264133

    SHA1

    947112c59a081ecf6b4142b633385325332c09ec

    SHA256

    b671047d5a1328ee43c7beeccfa01a031f0043c2189420b44cb8443190bab8f9

    SHA512

    a9e07947ae2250719014e20149f560b694ca83ded092dfc41a000363358db31c956fa29899b4dfb5cb0a3e716c3b4a2602bb6f80dc5a3592c4b160f996ea67b3