Analysis
-
max time kernel
167s -
max time network
178s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
31/12/2023, 02:33
General
-
Target
2499ad33e7ba9e64f0a797535c7bcfe8.pdf
-
Size
88KB
-
MD5
2499ad33e7ba9e64f0a797535c7bcfe8
-
SHA1
0c1268cbdf7f0df5309b38e6ec8143183c28acce
-
SHA256
a373100a469c1096cac71b13a6e61c2daaba6bf4bbf4855aeeeab3de4e3bf2c9
-
SHA512
6c06670fc0500989aaa3d68340d148a8a5181accc845652468dd8413abeee56d5178aa51b8bfc050fe9881fc1d6b200ff4924c00ef853b26a3aaac72620ae38c
-
SSDEEP
768:Dg/gVDxbmHC8BsHFG2gJD+znLriWUq6B6mVXenEsSv009LATBe62QzTJw55Nh0CE:xcBG
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Suspicious behavior: EnumeratesProcesses 20 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2499ad33e7ba9e64f0a797535c7bcfe8.pdf"1⤵
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx