Overview

overview

10

Static

static

10

163.5.169....r2.hta

windows7-x64

3

163.5.169....r2.hta

windows10-2004-x64

8

163.5.169....r2.pdf

windows7-x64

1

163.5.169....r2.pdf

windows10-2004-x64

1

163.5.169....r3.hta

windows7-x64

3

163.5.169....r3.hta

windows10-2004-x64

10

163.5.169....r3.pdf

windows7-x64

1

163.5.169....r3.pdf

windows10-2004-x64

1

163.5.169....r4.hta

windows7-x64

3

163.5.169....r4.hta

windows10-2004-x64

7

163.5.169....r4.pdf

windows7-x64

1

163.5.169....r4.pdf

windows10-2004-x64

1

163.5.169....r5.hta

windows7-x64

3

163.5.169....r5.hta

windows10-2004-x64

10

163.5.169....r5.pdf

windows7-x64

1

163.5.169....r5.pdf

windows10-2004-x64

1

163.5.169....r2.hta

windows7-x64

3

163.5.169....r2.hta

windows10-2004-x64

7

163.5.169....er.hta

windows7-x64

3

163.5.169....er.hta

windows10-2004-x64

8

163.5.169....r2.hta

windows7-x64

3

163.5.169....r2.hta

windows10-2004-x64

1

163.5.169....ry.gif

windows7-x64

1

163.5.169....ry.gif

windows10-2004-x64

1

163.5.169....nk.gif

windows7-x64

1

163.5.169....nk.gif

windows10-2004-x64

1

163.5.169.28/cmd.exe

windows7-x64

163.5.169.28/cmd.exe

windows10-2004-x64

1

163.5.169.28/cmt.exe

windows7-x64

1

163.5.169.28/cmt.exe

windows10-2004-x64

1

163.5.169.28/fd1.exe

windows7-x64

10

163.5.169.28/fd1.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    10-01-2024 21:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    163.5.169.28/SCAN-atoletter4.pdf

  • Size

    170KB

  • MD5

    6959cdb24cc37e1a25fcf1b9aed58fcc

  • SHA1

    0659f4eb013280e21a057fa1c3843d4c0043ff90

  • SHA256

    753a2e33fc19c1436650f392c23429728a97f4c941bd5493bc227ab04f6f231d

  • SHA512

    b56f3c8584d30edcad363d1dc283c8b9edc0d13b4eb68755940f5400a6ea050a27677a1b744a0af1e7bf9ea8ff3af75a9991c20c153dbae0e64eafb3a863886d

  • SSDEEP

    3072:ccAr61Wqu9r1RRrgz/hdcJ0XWLtSCi6dzRov5dMWm4yyLUQ:TBuxBgrI9cJDTMEyK9

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\163.5.169.28\SCAN-atoletter4.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2384

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    7b9f08622b3876ed7feb08d98fd5c00a

    SHA1

    c71171a976567ddef4dbc8656c431627a2d122f7

    SHA256

    3d66f396c2523d5270218a25a5da58be3dcc0c8698bd8eca8ab24d36cbcb2d2b

    SHA512

    94a170dc109527348c60cc573f19be74589236ee1d8218c9cd1857b659ed63dd5ee133d82b22242a90017ab2c36e52f8833ba4de410f6f9b551121940c387df0

    Download Submit