Overview

overview

3

Static

static

3

409c7f668c...42.pdf

windows7-x64

1

409c7f668c...42.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    165s
  • max time network
    178s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-01-2024 10:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    409c7f668c3196fe5c5598c98e32d242.pdf

  • Size

    87KB

  • MD5

    409c7f668c3196fe5c5598c98e32d242

  • SHA1

    10be01777c60f0c49540c88b5a379b5a02be566d

  • SHA256

    48502fffc8cb80681a9ff50902eeec201536c2f90b8ce97b00832fe4e55c16ee

  • SHA512

    937285ef6cdf05271ea12dce29396b6c4403fa780f6f39f628d66892fd2faa1c5d690feb6426ce210ce1321c1c1e7db2fc87d1cd0b5c93b392a9dfdf50656141

  • SSDEEP

    1536:czfXTfn5oILpbGtFVKG2/iqcWCHYoEX+JW6pOu26WUc3r8kucll:eTOILKFs+9YoEuqu2lW2

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\409c7f668c3196fe5c5598c98e32d242.pdf"
    1⤵
    • Checks processor information in registry
    • Suspicious use of SetWindowsHookEx
    PID:3368

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads