Overview

overview

3

Static

static

3

191b63857a...99.pdf

windows7-x64

1

191b63857a...99.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 12:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    191b63857ac59a493b5ada6308a40a99.pdf

  • Size

    92KB

  • MD5

    191b63857ac59a493b5ada6308a40a99

  • SHA1

    0690628597a3e65f28e9d28ad6ffe76e9afdd496

  • SHA256

    28c60101eaf4107a1637b10bc9e497449fd00e17b2a1f53eb7cf540ebef627e4

  • SHA512

    4880aeddac2145a505818befea8d3d6baa6b9b07083d6025c66e33a0c7c993e15cdfdc34a66dd4493099d12bf83788e3979189c5afb954d5cf113b5f61acfb58

  • SSDEEP

    1536:QXJoJDl6GUpzSlSTw3WlBLdQcst56fV07rWLojQpWkNpOPOTtWCz7g:9BsSSwOLdQ3m0aNSPOTtW6g

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\191b63857ac59a493b5ada6308a40a99.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    78294189d5203b983964435e19f57553

    SHA1

    6a0b0213302c7cd2fa842e377a813de52f923287

    SHA256

    a9f470708ecc33d9e0380b2fd561ac5c1f77408da3e8c1cc33d0df81b119994e

    SHA512

    02ac581b2afe14947ecc2bffc2953bef2cb41c60508313883b49b7a21de41d915b8545c81b847bfc1e9e147abaf0415583bd30a0afa34eedf01ff486f833514d

    Download Submit