Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/01/2024, 22:05

General

  • Target

    3dff9be58fdd6da4e921462141f7d18d.pdf

  • Size

    77KB

  • MD5

    3dff9be58fdd6da4e921462141f7d18d

  • SHA1

    1ae290dfa080cb22121e5cbd081cc2bd54dfe766

  • SHA256

    67ab71146de92bc8ba02016b810e63e663ab3a873250e433196d1edfceb05907

  • SHA512

    0110889f654fe7983ea6a62fd63bee7b6f04689fbd9eff5db0f78c881014ee99844bc55212d21aa60ade0b00ab9ca6db30303744f194935e1a390a1057effa9c

  • SSDEEP

    1536:qQ7e4kGu7FaTUx26qkSay0JYNiRLWEhy9VWU8YXjdvW7mpFg3MyHPTLLWQpOCRT8:Rns7FQUx2jkPyCYNsSEhS58SWKpFg3/m

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3dff9be58fdd6da4e921462141f7d18d.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2772

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    76821cc8d9303ba19f07f1e9e215e90d

    SHA1

    d0165d8f10c6d5e65df22c906d31655065a2eca9

    SHA256

    b300a1d4a1766a89b64297a04c0136c4cdd5d0d94e81af4a3ea6236f2c1354e0

    SHA512

    f2f56b307f7219ee6f244dc3049bf4d77998fa882210ecce6c6a000d09b19cbcd423cddb9555f977477dfbb2fb538873db24fdbbc99861f2abd17cfaccd5987b