Overview

overview

6

Static

static

6

349126b580...17.pdf

windows7-x64

1

349126b580...17.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    29s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-12-2023 18:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    349126b5803e67a565db87779cf80a17.pdf

  • Size

    64KB

  • MD5

    349126b5803e67a565db87779cf80a17

  • SHA1

    f8286870923c649b07d1e83b697ac5719c53d888

  • SHA256

    48c59bf45a36c6f19c3469b434b6f561199bb5e1abc427bbb8b373b0fe6ad1a2

  • SHA512

    faf28e4cb758e5a422a8b6d8a473482c2e4477148a5038d975c09998bf3eda2c6fa22987a03ce706015169a2235683a19eda1f71abae204ea62adb1ef998e314

  • SSDEEP

    1536:HShrgvX6JkNjzHWml2aYv/bG6oQXhSWvTn2OCxHtFdJG:yhcvX6JSjzHcaaK6JSOn2ZxHtFdJG

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\349126b5803e67a565db87779cf80a17.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2416

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    2b85b67d6097a2301637b10d2036bb98

    SHA1

    4e2417c18fdfa3fa217b033d02c69c2345ee2ea6

    SHA256

    2943d1a7c1a6a70b75d12cf15652f002570b47ffe9a60fd00d098e7e3b1f94cf

    SHA512

    e0c7e1cd2a26b0968d3905e39390824d2570895daddb49a38884468daa4cea909c592e431e948293637756cdf5485b5e36dcc3dcd0f172cd6e735ae4fbafeb1a

    Download Submit