7d2e6042b898abbb78e21944e7e1d10c7a8a39b2cccd8136ef9b20fb8a7f4d9b | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 23:01

Sharing

Report Analysis Logs

General

Target

41dbbe24830b14857922c2bc1c1fa7ba.pdf
Size

13KB
MD5

41dbbe24830b14857922c2bc1c1fa7ba
SHA1

93044812e062e8024b5991c13e7c2a737cb88447
SHA256

7d2e6042b898abbb78e21944e7e1d10c7a8a39b2cccd8136ef9b20fb8a7f4d9b
SHA512

26ed710e39cb01befce00c991664ca187c58e34c8d5c94022e90f7f0fd6ab5ccdb4224a1dce791e282d05b841ffe3bcb27b90dab97c91c4e7f84564a76410e04
SSDEEP

384:WhzaNwAO9Giz333j32sx+TbOxkQi/60G7V0Js:2hZGiDnTVkQC6dSa

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2988	AcroRd32.exe
2988	AcroRd32.exe
2988	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\41dbbe24830b14857922c2bc1c1fa7ba.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2988-0-0x00000000032D0000-0x0000000003346000-memory.dmp

Filesize
472KB

Download
memory/2988-3-0x0000000002170000-0x0000000002171000-memory.dmp

Filesize
4KB

Download
memory/2988-4-0x0000000002170000-0x0000000002171000-memory.dmp

Filesize
4KB

Download