eff6b5e3f7a870588a2a6e0866152b7ed455b67c1789d93f206c158b1d42c1b2 | Triage

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13/01/2024, 17:35

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

594ebe7b324398f48301e85a3c20295f.pdf
Size

34KB
MD5

594ebe7b324398f48301e85a3c20295f
SHA1

03d43497d05d73e61ced215789e9a593a0992bb5
SHA256

eff6b5e3f7a870588a2a6e0866152b7ed455b67c1789d93f206c158b1d42c1b2
SHA512

07471945ea5c54a9a1c4e829edf4298bcb8698841612047194a95adfc2928c517573744702dff9fcc4ee754134e4cdb42b0231d44017bdf1b0f8c7806a2c3c81
SSDEEP

768:X5NMycslICLJUuCnertT+7eMx49yD7h2Mq7TD3dL5:XcEmneo7eMx49Wo17XtL5

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1244	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1244	AcroRd32.exe
1244	AcroRd32.exe
1244	AcroRd32.exe
1244	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\594ebe7b324398f48301e85a3c20295f.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
5a7f3cac84659ab6ecdcb9c613501d1e

SHA1
767b7126c7b724cf75ae5df2344ee0f118f10cbc

SHA256
e9566daaf5951cf435c82454c6b7ad798b0b8afd52a4925339c6645004a038fb

SHA512
3e1355c6f25cf57e41180cebe41445c63aeb2809c6ad2b5465564c085fd96032fe8c5d930a5757e8e748da38eeea83274c955ab6052ec26fa6700a98e59831d3

Download Submit