4a11e58413c20a53041c70232151e57e404f4250752fc4e1fe96251d17e0489f | Triage

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 04:14

Sharing

Report Analysis Logs

General

Target

532a38895420140c51745e549278da8f.pdf
Size

14KB
MD5

532a38895420140c51745e549278da8f
SHA1

c1689aba028225f3161f34b5ae51a68682bbab2f
SHA256

4a11e58413c20a53041c70232151e57e404f4250752fc4e1fe96251d17e0489f
SHA512

07524fd0f65534cd12aa173fc508255426723090c009c8c4b72dfdde0e57c24c36fad2bcc4cc7475048e61e4daee3636f51ea9fd23a791047a9c513c984d9fb9
SSDEEP

384:+hzaNwAO9Ginob7cXLIdK4phdQi/60G7yNVg8:uhZGin0QX8nphdQC6dyNVZ

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1228	AcroRd32.exe
1228	AcroRd32.exe
1228	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\532a38895420140c51745e549278da8f.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1228-0-0x0000000003DD0000-0x0000000003E46000-memory.dmp

Filesize
472KB

Download
memory/1228-3-0x0000000002730000-0x0000000002731000-memory.dmp

Filesize
4KB

Download
memory/1228-4-0x0000000002730000-0x0000000002731000-memory.dmp

Filesize
4KB

Download