01973c0a2c36f0ee705e4163f89c92f348ce3bd808ce856934a043e0f993d343 | Triage

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 02:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

0b034db5f2d245f1a268fc40341a5f19.pdf
Size

61KB
MD5

0b034db5f2d245f1a268fc40341a5f19
SHA1

30318122a8e76f452c4dc334ef9fb814fc1c5e54
SHA256

01973c0a2c36f0ee705e4163f89c92f348ce3bd808ce856934a043e0f993d343
SHA512

91d834aabd8fbf9b024664b92fbafeb202e51eff9add02d9a137b7f81a60a600afc29742b7055d99d2a02dfe853aa1138a03c75382ce6f2b2363e2779afed59d
SSDEEP

1536:dj5JgOFvRdXELknGn7g5TvT6+0Q10g7ZeiqyPK:xgUvRdXELknGn7gxh0I7Z9q1

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1928	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1928	AcroRd32.exe
1928	AcroRd32.exe
1928	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0b034db5f2d245f1a268fc40341a5f19.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
5e87b91ae27f06be70fa1bf568ab8ccf

SHA1
8266ef5c28cd9fda3c0a35eab09e8a05af875699

SHA256
07193fb9c9d1f5e172f269f51c4a3f8a49fe0ef7ed952f2e970ae440cd818d3f

SHA512
3070ebd891dc8624fb562077b69f8918d0dd925d35b1d036da15f382510e52aa13efc63d995bfcd8b3a287d699eff11e4cd9f8b5830a87753d485c04596a9ce4

Download Submit