Analysis
-
max time kernel
164s -
max time network
176s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
31/12/2023, 07:06
General
-
Target
2cb7714311647161809a1b173b93e7f9.pdf
-
Size
19KB
-
MD5
2cb7714311647161809a1b173b93e7f9
-
SHA1
f5dac1f3018a2dc26306d16c1c8cd7ffec4d5b20
-
SHA256
7ef6681c1854e6ddff6d20efde370a1cceeff052db269395d5a106317ee67302
-
SHA512
02b95a8cdc324434c3640961ad8b84901967cc27ad3f118267b481a851542d6bed531811d93fa35943a3595034824d71b971cb1289c273406c8506332c929de6
-
SSDEEP
192:MendUHK86mN6Fb4I5V1xMc9D4o9JYicaJtEbQzEUtYkVQFj+eq3HFwFrww8dZJsi:jQ60odhEUmaeilClo5arb8
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Suspicious behavior: EnumeratesProcesses 20 IoCs
-
Suspicious use of SetWindowsHookEx 7 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2cb7714311647161809a1b173b93e7f9.pdf"1⤵
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx