01c7ce9c369165312d869a65118d3a649c82cf47a701adf7a0ac94d273ed0d0d | Triage

Analysis

max time kernel
121s
max time network
134s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
12/01/2024, 18:33

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

573151ce40dbe27df2f36210c779984a.pdf
Size

146KB
MD5

573151ce40dbe27df2f36210c779984a
SHA1

a0b15861e667e90254e222a59313d61b3c24e4c5
SHA256

01c7ce9c369165312d869a65118d3a649c82cf47a701adf7a0ac94d273ed0d0d
SHA512

efb2c54985188cd629ece6d56836d03712dc6bcb903e61c2cd479b2ecb3adbd8b4d6498ca06bbefaeb0172c5a8db1035f256218ef239acdf0b7a1ac57eabfac7
SSDEEP

3072:AVtf/5EkMqSaG35eTi5V/6KzzMscwSaNAp24wg1L1:AVlykOaG35eGmKnXcjx

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2084	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2084	AcroRd32.exe
2084	AcroRd32.exe
2084	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\573151ce40dbe27df2f36210c779984a.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
e41c2aa819f0632c887926f766da5635

SHA1
bb14a5d56ece3df38481782fe35eda6c12c9d4ed

SHA256
fc06a54d8b8aacf415fc4d7f668022284a3bbbbf9c8f741588d76f9b81c9a148

SHA512
3089712a4c5aa08266843ee75b0ffd52c4532bae344c28a5df4d63d2a3c3b3b12bf3ef8f9ad41eddc3164d1f87c950cabcb87dfd6fad1a611dba55e6b60de90e

Download Submit