Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    18/01/2024, 22:33

General

  • Target

    6634c3bf54c74052355916392c183136.pdf

  • Size

    91KB

  • MD5

    6634c3bf54c74052355916392c183136

  • SHA1

    4bf22c8b5ed65cea0e1c210534a8a83fe3ad608f

  • SHA256

    6839ab758be316c798fcd1698fef617e693b5aae1385dd6a19c380ba454e683f

  • SHA512

    38a8096dd3b3ea03efc7228ea9ae8d3839be9ac790159183a10b111a7cb494aefda144109aede5604026f3a76383edd07657e5e45b6032dfa06cb7f0d040dd71

  • SSDEEP

    1536:k3/e3VGHISxRVae9LPxNXu8rvtLuKvjxvsNlWZhIhAom+VWHpOvTWmnO/g2YaAsA:MmlIzEe9zxN+8V3vtENlWZhkxHvYdbAF

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6634c3bf54c74052355916392c183136.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2972

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    202b9acda72b8cc114c248f55eef1007

    SHA1

    56e26bc7df88f8ceddf191114b20ee0afef62deb

    SHA256

    c0536b226afcefd4b295acd9dfa0d94dd525e35ee2fdd42348fcbbdd50b17a86

    SHA512

    1beaece608445b6ecae9d9612895a1c57f4c63c9b4ab56695b21ae113b72a8ef1c2e4e48a7921eb93d9882b2d371ca4c4f7434af355e62d0e663631cfd49d768