Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/12/2023, 12:26

General

  • Target

    21672395bbfc37222bb42f1b72530559.pdf

  • Size

    70KB

  • MD5

    21672395bbfc37222bb42f1b72530559

  • SHA1

    2c0cdd89efef6f70a431abcad70beddfdc92d467

  • SHA256

    97be68ee992417ede23f7902e7093880fec0ed3588078bdeda7c33e3fbf9d313

  • SHA512

    d6d9987ebb20f0df94a288b89993827699cce7eaea1499242b5dcf196f26b82d6676cc5d7cfabb742fb68c1b28ec08ce24217ba9e031c9e0742dfa39832ccf9b

  • SSDEEP

    1536:5ENmPRI1viqACJdoaSOZfjwdPqgBfwMzMYc3lvW6pOu26WdSGhXPZ:+AvrC/cGfjIPhfwuMYcEu2Zhh

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\21672395bbfc37222bb42f1b72530559.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3044

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2e4ae261680a51b51cd282dc59b4354e

    SHA1

    157006c9341a64ea7926dcb5b72aadc6a57a6ad3

    SHA256

    4f8ea00291816a3e7bf9ca40ed7e715ba1ba6e9e1935b7a04c02cfca49651c42

    SHA512

    71a6ac3dcda4742c3f903710c048edafa2556ef259da3fc65792368c75974806a1ad69ca11a036ff798c9cf37bca0214fc581644152a7a3124956cb824e5a93a