1fc8c5f8d30a26bb1679b88a6c991ae1f6adf8e2c38d6fb669dd68908ced1914 | Triage

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
29/12/2023, 21:34

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

048e4971f8d8b318f219d99e3b0f3115.pdf
Size

104KB
MD5

048e4971f8d8b318f219d99e3b0f3115
SHA1

89ab2f2b7e9a04429e1ecd69e0dc402eb15027b4
SHA256

1fc8c5f8d30a26bb1679b88a6c991ae1f6adf8e2c38d6fb669dd68908ced1914
SHA512

ad060dbfe54e4b5e95a5af5663c10955c761fc8dcf5a62125513672a244d3630fcbceadaad0f00b34799e00743148dd82438c1f5c358fcd07ec100b89b9bfef5
SSDEEP

3072:NfLj6cL1jv6oN8xvmprr+2gVZLuVgsQyCs:NjOchjyzw5+2gVZL/a

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2268	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2268	AcroRd32.exe
2268	AcroRd32.exe
2268	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\048e4971f8d8b318f219d99e3b0f3115.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2268

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
a5d57b10a615c7b7c3048eafbda70b11

SHA1
4eae15c27fa55c7b6b6551dadc4726b86d4598aa

SHA256
99de901459fede92801eeaf387a5a2a2491621e5ef0c502b5c752b8eca27aabd

SHA512
f903ab69dda32287360ed7633cf2612731a28b9d6137f90edcd9c30169e7c6b253a7790ab000babb5090dd3a1c16a62fde0c9004297d8f9c3f0c7fad00dd3d91

Download Submit