Analysis

  • max time kernel
    162s
  • max time network
    177s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    26-12-2023 12:21

General

  • Target

    6e18a43f929c0c760d018d96f5cc610d.pdf

  • Size

    87KB

  • MD5

    6e18a43f929c0c760d018d96f5cc610d

  • SHA1

    ae71c31959f6d764b3a47288a0a63f9544dbc238

  • SHA256

    f44ed738b0edd6246cace1da2d943a1c7f3435a7cde262b74027f0e1a7e7099b

  • SHA512

    f5e9cd3a1874fdbd4e017b5c9d0883112af43346ad388e5ee3f3e564435ad390d034bb0473c103be36a5ed5b70ebd66799089d802d46623d6a2cfa56e918804a

  • SSDEEP

    1536:WmAES1YpO19oOD1flIUfzaI7nmjcL+6Iwo9zXs5rleWskiWbHjbmkCXPiJHWQpOv:HXS1YpS1frfmOP+Fwo5XKGkxDjbmk+6Y

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry (2 TTPs, 2 IoCs)

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious use of SetWindowsHookEx (4 IoCs)

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6e18a43f929c0c760d018d96f5cc610d.pdf"
    • Checks processor information in registry
    • Suspicious use of SetWindowsHookEx
    PID:2524

Network

MITRE ATT&CK Enterprise v15
