Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    01/01/2024, 23:29

General

  • Target

    3e25a00ba9b3f06e55e83f75efb1e0b6.pdf

  • Size

    90KB

  • MD5

    3e25a00ba9b3f06e55e83f75efb1e0b6

  • SHA1

    a504ecfb8c1503db4d5581644734676761f6afd9

  • SHA256

    927f1849bc6c9d37b079aa9b68e6200b395690dab983d6c8a25a79368dba48e7

  • SHA512

    b06541a323aee7a042faedadd8d37132666c7ec6bb39ae81d04778b8a3339caa89f27bcb9b78bcb13cbdf0ed4d37c92880167899fef1c1cd93bfe62aa09f8ae3

  • SSDEEP

    1536:WatX+n4UVtwKVbaSZ6LKB6VhzQvNiKSmez0prWRw72HWUpO7zQc:N+jXwKVbaSQKGQF4meUG6267H

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3e25a00ba9b3f06e55e83f75efb1e0b6.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2664

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5b1aab0eda633994eb7843c7fd2fb130

    SHA1

    73cb6c435a307d6f4782d79f7c8f4791fc66cb68

    SHA256

    d118dcc09a52075ff51671b10171f3b9bcc235c6545ff40a77323d068e69dd48

    SHA512

    9381693681ddb6305b3acaf1d9a7f59c0ce77db81ca96d7f38a807da5803b3afdbe45a454f3c1f7822af95ece41418ffbd57b24891f9d20803901bfa6bc2df34