Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    03/01/2024, 13:15

General

  • Target

    3e949cfa1ee02c849315d6e8ad772578.pdf

  • Size

    73KB

  • MD5

    3e949cfa1ee02c849315d6e8ad772578

  • SHA1

    b20ecea251d7bbe091b1602b56c92630a51ff04a

  • SHA256

    8d5b9e4ab8dd0442236c2976215a8ccebee701d7565f82b88415af95d83a0295

  • SHA512

    7b4204c7b580b6957dad350b22667cce0915873e2455ff5984d7d3399b79e62902b092a564a44a7e79c0af82aed81ef57fef8d0827cf8ca3e23c9b2c0d24deb0

  • SSDEEP

    1536:UogYTXdz0wtGRgG4XWjpKPLC1sYHVR60DzQhh4Ag5Wu/rWFKvrxWUpO7KI8l:5gY7lGaXUuLu11c0DCTgh/rGKvr07+

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3e949cfa1ee02c849315d6e8ad772578.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1868

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1799acd7e67d32a32fb785cf32c62296

    SHA1

    0179c1b532fb8a309c681af7469bb6e5b96d19c1

    SHA256

    f3338976c75a7f8d74e19d189436cdfb3f4719ebe3edc44a9de2e15940f6b0e0

    SHA512

    41aba946330716942bcf91d30af3d5bd06a6e9ac13e5167ca211ca4e3edef5690bb9a41edf07653615239afef7a15302ddc88629c8aeb35f9b974eda6cb00d8a