Overview

overview

6

Static

static

6

1a5d830c40...25.pdf

windows7-x64

1

1a5d830c40...25.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    164s
  • max time network
    178s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 13:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1a5d830c40125ac95feb8e894f900c25.pdf

  • Size

    110KB

  • MD5

    1a5d830c40125ac95feb8e894f900c25

  • SHA1

    d8369be2691056a8e5aed83251de188386ce1efc

  • SHA256

    8c3ed730724742e5440818ff6f901b3e1a592812b1fc731f50c414b9eab2b664

  • SHA512

    8c16eb69ddca1ad069f1445a89ae5b991a8c83278c944762d54eb61bfceb1069f93dfeced17e20f18aeb508d8abebfd2c3d611c8c09eef1934a4f3836e9871ba

  • SSDEEP

    768:DlMWZSVsV1YPveYmYGbLB/vbQNK775BoQ4mijVJipEhiD6T+bIxp0sO9PGVigGZw:Y

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1a5d830c40125ac95feb8e894f900c25.pdf"
    1⤵
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads