Overview

overview

3

Static

static

3

21e391ae16...69.pdf

windows7-x64

1

21e391ae16...69.pdf

windows10-2004-x64

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/12/2023, 12:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    21e391ae16765bdb70bd45eb19245869.pdf

  • Size

    81KB

  • MD5

    21e391ae16765bdb70bd45eb19245869

  • SHA1

    b6c2f08d006dec204fdcd003a49df42d98cedc18

  • SHA256

    b92266598ff5c405bce45b1c7c11b7ddb2a641fcdb13aa81afcc1ca5243bc8bf

  • SHA512

    f9f39a4bcf6189f1a308afddea15696a46816dcee3ebb79e848da38b06603d235ee1ea31a0902e65748c0d17e54d47fcc8dc3b01f7e3bc7200b74c49caa6227e

  • SSDEEP

    1536:WX+fItElx5aj+w5gJZSpZE4mSvEZjDIAf4VnqHjbSWI19VRGWspO2w61:O+z7fiZQgE5IAf4Ijbql2R

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\21e391ae16765bdb70bd45eb19245869.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    25e61094d48abe6a5fc7d46125fcf1aa

    SHA1

    5bcdf21a76813a5825a80b87ebf87d85ffbc86fd

    SHA256

    742efba38121406d25251f4fc39d1b794df56ec5b714d4af2a355940e63736b8

    SHA512

    66eb1e192a9f844ac11ab488e5ffb7bf21314623adc320b41fe80768c63e030268a4afe682d630f23ad99b308eec53030862175d34b2ed40b731adc7e285370f

    Download Submit