Overview

overview

3

Static

static

3

08df6e69d8...fb.pdf

windows7-x64

1

08df6e69d8...fb.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    158s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-12-2023 10:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08df6e69d84e93c9ab0f2aa7284bd0fb.pdf

  • Size

    77KB

  • MD5

    08df6e69d84e93c9ab0f2aa7284bd0fb

  • SHA1

    bf721b76aa538009a1e9febf0e076d56334c9164

  • SHA256

    77f7993b559a8c42fd26d31db44672aa0a9204246cae18b77a9c0b1e1cab1a1c

  • SHA512

    bd110817f531e6373bd270f4d6811600149028da76ad18571020837f6197e5ee0481d2629c5a30fe99069cdb1b0944be71dbe5dcf8758244596efd76e5107470

  • SSDEEP

    1536:JUwSqMQax/U1swlIySgUfDNBYc8twIp45dxU2sKrWQpOCoWxUe5M0Yfi:QlU1swlIySgWhBxgwrTxUzKWC75X

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\08df6e69d84e93c9ab0f2aa7284bd0fb.pdf"
    1⤵
    • Checks processor information in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4212
    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
      2⤵
        PID:920
      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
        2⤵
          PID:556
        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
          2⤵
            PID:4328
          • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
            "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
            2⤵
              PID:1484

          Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads