Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    22/12/2023, 09:41

General

  • Target

    82207363e8a860e3c79be4e94cc3ec64.pdf

  • Size

    41KB

  • MD5

    82207363e8a860e3c79be4e94cc3ec64

  • SHA1

    9cb2c99d8c68a09866a4be8de8e2f1d0bca3cdd4

  • SHA256

    eb5cc852948f2a0221c4eee55b40cfa0805c4f3aecea7b7be791114117bca5ef

  • SHA512

    ddae53a044a591b77d039c51ea615cf6cf80ff28032aa16461fd927491aefd4f21d37f821407aa113b8a5bda7c7e49aa68bb38b8c423068576e6fe97d1b2684e

  • SSDEEP

    768:S38m1WNr6/fD/2f307s+cpx1MNLc8OfodYx3F1Q0kOE0uu:QL1QrBfk7sFx1wL0guxV1Q0Khu

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\82207363e8a860e3c79be4e94cc3ec64.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2908

Network

MITRE ATT&CK Matrix


Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    52631d395e6f701ab2e03a7cf2bc99ef

    SHA1

    d9d12c4bc776f35febc9dd0cbed56728258ff251

    SHA256

    7ac5fbad11b2493281db3cced36c397fb7b39494107e1a3a0e0b318357b7cfef

    SHA512

    73ce8d341856bc6049dda149b4e52a34e1c1c957910ba16d0a3cd3dfb2e26b3e8d20c7d6ea26b2df70f0807f3e6a8faab8d34615b211a91847c7007fdfaf095d