Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    30/12/2023, 22:59

General

  • Target

    1f397642ae3e6e274e321a84833d28c8.pdf

  • Size

    91KB

  • MD5

    1f397642ae3e6e274e321a84833d28c8

  • SHA1

    f710318c204235203ab5037d2b1c135b31cb17cb

  • SHA256

    1e2a0731d0a0a5d882e78a84c469e9be9c16afbe56ac58e6196036a062bef3d7

  • SHA512

    3468f024a94b7c505e5cd51bcfd6455715aef77c892b4240f55c8ac2c867b39a9cec2f2ba0129059064ff8124f80ad759d7431f0ba7d67d82de57e85bf2f88e1

  • SSDEEP

    1536:/xzfHHW9g6eEYDkiFwAMlr56uJVsTqyrdzyJ+QC01bKVvgmstn/luPdBV1u4sU+:ZLnWqkQ4cqyrxA9C01+VvgmstnqdB+4Q

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1f397642ae3e6e274e321a84833d28c8.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2232

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    bcd617e300d1e178a758bdb7dbb99284

    SHA1

    f641bf9a8c9bb091fd721629135333c1048141ee

    SHA256

    9050e23163023bc29d9c7a7568e8a387fb34308e2bb1ea853a9121b53f8fed1c

    SHA512

    9cafa48d33ddeef739126ccf82c08638d83839bdc8b627a469debee1ffa64f8191f1553d364cd3b76fe53c351e2dd26dd1aa9ef455f22556bbd0a383975b99b3