Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/12/2023, 15:04

General

  • Target

    49d1f387635a9e7007e96afaa28b7862.pdf

  • Size

    76KB

  • MD5

    49d1f387635a9e7007e96afaa28b7862

  • SHA1

    cf9c18dddb3cd3033953e32b8583e6945289f7c8

  • SHA256

    202440cb1a55b4d11771dfd3f6aad6f10e7d9196cb66ef0ab84ad83b2c919341

  • SHA512

    520d46eb0a4b09bd12c76a5f2c8870c2a3de43a3eca3657f374370c3fe6e9e1fae4e96bb84d26ac10b0ef7d443c1d332d4fb19ea3a8c55fd361a5c49b50c41f3

  • SSDEEP

    1536:UZb5F2Eak9a6o5UAn+lQOFyWypOlLYV3rCfWENKDHFw0O:q9aQPo5UBlQOplLy7CnKHFA

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\49d1f387635a9e7007e96afaa28b7862.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2960

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6dc7328087e915d8d191619365368268

    SHA1

    d7229df802720e62fda0fb494d773c4450767be2

    SHA256

    a6d2d3979843e368a2f7409cc7d676b890d0924cda0d51c8d45ab27c9313adab

    SHA512

    fd0dd2b59e87fb32666d97816626cc8b2ef04eec546086e498907a0abf2cff435404250d40e2c86779ceaa3e4ca119c19f887b63b75f13efa1d397aa2f2ab498