Overview

overview

6

Static

static

6

INV0019146...42.pdf

windows7-x64

1

INV0019146...42.pdf

windows10-2004-x64

1

data.json

windows7-x64

3

data.json

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    22-12-2023 15:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    INV00191466_202312210842.pdf

  • Size

    111KB

  • MD5

    4a7f0362a6293d49184dd7d26eeb266c

  • SHA1

    89eca524ef7a4ebee91185caa51f19db12763ea8

  • SHA256

    2ed55e1ef5864304bdf512b2689387139289d6af2ad3ce715a0b1c1dda5e4694

  • SHA512

    e4b198950ff566c1350726478ddfb215d931fcb635a786b8c96675f05f181eaf043f88b72b31f1ff717664b764fac1eeae6c2425ddebd68c68b150ff01a6b907

  • SSDEEP

    3072:j8bStiZiT+ZZ4wrvJXgCVMN2ujfbnkHHO8mcYkJZ:j8bSUF74wrvJwN9bkHu7JkJZ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\INV00191466_202312210842.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    7039a4cdcfdf784db459216bfae672cd

    SHA1

    c3d7c21e340b7f62817b5af7539669a68d110883

    SHA256

    14bfac354f19cb3619ad5bb42bcedee1d1dcfaf9f76226a3a9c4a4aad0553919

    SHA512

    f12dbe204521e37ceba747d60c22511a0934eeb6008c1595b5d521b9591fc0b9cafc250a7a46634b3bb058dac2efe3b132790f97d04e762cbb80fec2561fcc5b

    Download Submit