bc41a27e885f717720b55583a5ea6199d47451223eee901a11120688be387c8a | Triage

Analysis

max time kernel
121s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 07:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2cef95997a98499406c33afd83a171bf.pdf
Size

34KB
MD5

2cef95997a98499406c33afd83a171bf
SHA1

fe5dfc603257681285ed5508403e7b8a6b139274
SHA256

bc41a27e885f717720b55583a5ea6199d47451223eee901a11120688be387c8a
SHA512

d8861b2ecbecfdb8ee663f944b186a178a9286f3e65e4c4f364086f29128eaf0619e753f542f9029c7723932818033ccdd3d61313efce9f2dfa21da512df0cb3
SSDEEP

768:iDo1VstQvQ8Z/0vnWguG5CcTz7CSdoM60XA6ZwJ5d:iD0stQvZZ/aumwb0NwJ5d

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2288	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2288	AcroRd32.exe
2288	AcroRd32.exe
2288	AcroRd32.exe
2288	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2cef95997a98499406c33afd83a171bf.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
bca1a7efe57069037c1953c40861cc5e

SHA1
51e15f7ed56adfd0571c72b3d7f4f18c3faeea8c

SHA256
de60717746cf90a3dc82ffed37482038268b4664e11eaf923e1583f922f2e1a4

SHA512
bc9c268c47a757eb8422e2c247af9e4b06f060e9ace80eb5d6083299f2cc280994f312e9012693b0fa2f4f4696d546f48a9c7d7c620e171903550aada435d96b

Download Submit