Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    25-12-2023 21:41

General

  • Target

    F13OligomorphicVirus/F13OligomorphicVirus.pdf

  • Size

    278KB

  • MD5

    388dffefc810d8595cc06cc70b15367f

  • SHA1

    394dc66eecc891af58fb4288e5a493629ea89e6f

  • SHA256

    f323e6b28dfc68afb56421b250223966d63db670eadb56731b6578791884f871

  • SHA512

    ab19b749804d78c775d93b58bef5ffd023e3199fd68a417155464cd3f6891133b830afdbcc8cdf08bc07b067b7e28928c20465a0a403bdd72b69604d28ee534f

  • SSDEEP

    6144:wwBYXrf9BBVCdnmKhMltCcLqqqqqCUN/zZ/hyXitdmgcAdlkYlqdtv:bBY5NCgKstxqqqqqz3/eg1tq

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\F13OligomorphicVirus\F13OligomorphicVirus.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2896

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    508af7a745a9555e2bda5c5abd4a650e

    SHA1

    528a203f31d62747973a4363d94f83ab44b1b560

    SHA256

    c6b73f76e7f2beec2f192cb281f6c0147a2bef3b378f02e865f096fc82e07e9a

    SHA512

    4f5c3d78bce3c653434e9f2d52565f6da0a7d1e41c7714ae9400cfa82814da25a1417b552fb0f548a93566173f7db99183804c414a6b66035da52fd3572a7141