7f7e88e5721e3eca08dc08228c3e92d2ac502a1eedec342a9a8a152ee93702b1 | Triage

Analysis

max time kernel
122s
max time network
136s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
20/12/2023, 04:37

Sharing

Report Analysis Logs

General

Target

www/assets/test.87966fef.pdf
Size

16KB
MD5

86048d0218614eb56e5127bdd5ae234f
SHA1

0978fbcc546bb35432d1732d15779d8afda99f95
SHA256

87966fef8d64e9ebd63bfb0aa43241b83673f0de2c22580d8e892c33b0c36851
SHA512

7948f25ad8e8e3e6376b4a5c01385d46b28aa1dcb1fe3e9ac0152f7b1ac371cdf6a29eba42ce46625908f0453cafd46e51c578d79e43e1ed6e2162288a6e99eb
SSDEEP

384:wR/e5I5UzngZkqnj3xhBZKbOMQQdTfbt3bp2C9c:wU5IungZbnj3xhbKwQFBds

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2636	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2636	AcroRd32.exe
2636	AcroRd32.exe
2636	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\www\assets\test.87966fef.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
125544bcfa2df4202dc248b7223d56d9

SHA1
d6decfa04ea74cd5a6f28f9e61273ec21e924861

SHA256
773d5163b74ba62e292da64ea690f32954e261d1459439d94d645c765c1ed340

SHA512
33e3d0412914b201d10d1aa7b4d0bb5ba85d80adcac34bdc6a4c3c2583debd6d6de94d977199616770654240c145794207a39a71e5fa3376f921683971157ad2

Download Submit