Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-12-2023 19:34

General

  • Target

    01e13120ba410a7f06df494c29022952.pdf

  • Size

    79KB

  • MD5

    01e13120ba410a7f06df494c29022952

  • SHA1

    22c230ef1bd387848f1b2d5bc1bb92215ef7f26b

  • SHA256

    8ba4daa5bcb85810280a2229f16c0affa5dac5acdb2c250545efeb3eedd417c3

  • SHA512

    0adff801fee64efd1269bfb8ee64f416c44c983fde9f2e5a1f11bd9d2f69a99005e2b67fb66c371ff5459afbfa0d05875771d10a6719ce090b6902d0b717ce22

  • SSDEEP

    1536:KGUZ3zwesShJPIC1pCO0hfo68h2ue23FjFJSdk1aJiT/BjnOkAkWVinuW:Jm8esS91pCO0hfovh2IrQO4ij

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\01e13120ba410a7f06df494c29022952.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2552

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3bf39f1731c1aa0db7c8c55092be2b65

    SHA1

    a87cf7f391bf525ae647184d9e7a2aae7155c30b

    SHA256

    1602cce4a287187a18e093df81e52b1a681238c95af9a5a464da3629cd22e673

    SHA512

    67ced95b3e6b89a7cac90d60e7335a7651db6cadc937d71e9e0275ae2cb8c3f391fe98ddbbac1fafa8135d31d7b7f949d61515012e4a36a9eb17fbce7f9e1674