Analysis

  • max time kernel
    166s
  • max time network
    174s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29/12/2023, 21:47

General

  • Target

    04d029dc54d3434a12896941361e9bb8.pdf

  • Size

    47KB

  • MD5

    04d029dc54d3434a12896941361e9bb8

  • SHA1

    6a74b157029dfc929b164387597c3a0f16d5da70

  • SHA256

    de5a3c8abf1c2f8adf95f750b68813a29bff09f946dbc98f4d32cdaa07b71f60

  • SHA512

    fd4f5dc1db54e546717ce36b8e6264df15d35de256affe774341debba94a65fd811d6d7b8c88aeaed57703894ea26c7e42241a11afee07931a86892e686bf558

  • SSDEEP

    768:1u+XzmbV+5Uk/ScxAm5rQYi8SjmIFRhCpx/tze8K4wDewnUvgJ3or:qkRA6w8SjmYDg1ty8K4wUvqYr

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry (2 TTPs, 2 IoCs)

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious use of SetWindowsHookEx (4 IoCs)

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\04d029dc54d3434a12896941361e9bb8.pdf"
    • Checks processor information in registry
    • Suspicious use of SetWindowsHookEx
    PID:4156

Network

MITRE ATT&CK Enterprise v15
