Overview

overview

3

Static

static

3

50f16496ad...ff.pdf

windows7-x64

1

50f16496ad...ff.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10-01-2024 15:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    50f16496ade5dd434c00e48338c817ff.pdf

  • Size

    100KB

  • MD5

    50f16496ade5dd434c00e48338c817ff

  • SHA1

    5184d7c91472c5747272832d6de84e2f39f0cc13

  • SHA256

    0c6b2e59d0c25ef83faeb9b53054a2504c00ccf3d4e9f944ab55e394e633a1d1

  • SHA512

    490eb4fc07aaae44f0b3ae526428b3f75a1cc74e6a31ec79e28763d6835f63b225f316d836aae5cfdc57b8a43a5287ef5bc65c3f828619a56dc8e6ebf898b2ac

  • SSDEEP

    3072:gFvCc3xxCUxtC+h/aVYddGay6Qj/hwXHb92Cq:gFvzJaadGay6QbaH8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\50f16496ade5dd434c00e48338c817ff.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    26d897ea96ed28459e0be13a2ef8e275

    SHA1

    f5883f72f94f6d2290b5347a6ec6d0dfd6220dc7

    SHA256

    5782f2683e84854a32f0f7d5b81c890823e8be8246475b0e9dc884d3e80260b5

    SHA512

    6521396a2bbce6f32287354437b05b59e3164801d16e2091f8cee8ef95f2e4a249422ac7a8322f7ed6e7bd6d04d5cf18dd66471a25ef5b63573baf4be4eff5b6

    Download Submit