68b38e90312263f5c86bf9fe3fae46008dbb6b69d1a5b70fa8033cdba4b74ac6 | Triage

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13/01/2024, 15:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

590a3372e0db8516df11e371b0d2c50c.pdf
Size

37KB
MD5

590a3372e0db8516df11e371b0d2c50c
SHA1

adfa287eb920c2101e4e09c3423e1ed2e0392ef9
SHA256

68b38e90312263f5c86bf9fe3fae46008dbb6b69d1a5b70fa8033cdba4b74ac6
SHA512

7511c57a959d2ef802fd2d83925577cc3cbdf498e6cef771910a71884db74b2111d4fb0ea85be67dbf94cd3b2fe85c8d689b0e55ca462a83049efb40a7acd206
SSDEEP

768:fVaV4d+tTYXv9wgi7P9sDLSaplqYkCQmlyROI7Eg/I:fVaVtUWgIl05ldTQL//I

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2252	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2252	AcroRd32.exe
2252	AcroRd32.exe
2252	AcroRd32.exe
2252	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\590a3372e0db8516df11e371b0d2c50c.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
f9b518c666651035b1a49c8e24ed4312

SHA1
353ce7781b489b0d9576343fc52f651058ee1287

SHA256
c6c549fd656c1f89759b9d673c8c24880335ff660c1b1d8d7d3279487c821a31

SHA512
952e8df6495e529d5cd3e4f7e93ef1a5d35ddf21e48e703f64bdd4b8fcdd1c862f53e82a51793b3b4be142278a29fc137335fff7f289722822f578bfaf84ba25

Download Submit