d2dcfc3da241bec362a20e110f9e89a8dcaf01a173320b6a18d5305c6ed8c9b3 | Triage

Analysis

max time kernel
122s
max time network
143s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 12:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6cd51dcd0bd4e5955cbfb5ae6af1615b.pdf
Size

66KB
MD5

6cd51dcd0bd4e5955cbfb5ae6af1615b
SHA1

90cf947eb2c3a8ff56260a693e14d8314e128c0b
SHA256

d2dcfc3da241bec362a20e110f9e89a8dcaf01a173320b6a18d5305c6ed8c9b3
SHA512

94d27c1187904faa2e344cfd04b4733f0fe2dd8c476d4691594da5a538a8d75185a82461a1744f1b85450b23f207a7a15365a8cd55e016b8ca490f1582b552ff
SSDEEP

1536:wZEkY7oHrOlG0qZ6OzhKQ32RczWUY0ibU:WEfwWG0u7hKRRc9Y0n

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1720	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1720	AcroRd32.exe
1720	AcroRd32.exe
1720	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6cd51dcd0bd4e5955cbfb5ae6af1615b.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
93d12752a993ea36bac553ff4cc453ff

SHA1
845bfba455749652a3a75ea3a25f17a0c6aefcb9

SHA256
d0e52ab2d99f54f1109644c350778b27747b3c08970495504212bbd60b0fc6fc

SHA512
cd0881bfa127c718b7319f4a5d31ef57c012cd1fd3c05207b57206a0c68f4cc39123f14395dbc578fd64603c2ee811807257e61fff4a5c623c14154a0a83d7a0

Download Submit