e3320e915f044cc972f9a75622f1a008791cf312b18f89ce209f812a38474d03 | Triage

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
19/01/2024, 00:15 UTC

Sharing

Report Analysis Logs

General

Target

6667e3d939346c206ae0fa0a15a66260.pdf
Size

97KB
MD5

6667e3d939346c206ae0fa0a15a66260
SHA1

ceab14d7e2a8b62b58ece67504486310928f1e53
SHA256

e3320e915f044cc972f9a75622f1a008791cf312b18f89ce209f812a38474d03
SHA512

b90b9e24d55caf2ff1151bf10434cae996cc37af38a9ae15df190c9baa6f109b76d8df09dee3c44390bbbc93cf99148ce316582b967e3d780fcc59895f31422a
SSDEEP

3072:1z2c2kI3i4vn0OSzgvv4v0KgfoTjEVKlu+i:ZvIXn0DgrKggTzc

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1404	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1404	AcroRd32.exe
1404	AcroRd32.exe
1404	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6667e3d939346c206ae0fa0a15a66260.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1404

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
b90cfed40a7dab40c9836d80ffee7cf4

SHA1
dcd7f30566d469be77f94040396d89038e211c3f

SHA256
22cadd59e05fcd6856bb46fbf20e1140499ddd635dc2d478449e9271b5374c94

SHA512
5c8d68dfc523fda039be18be08e294c40e0b6a55a297b511a473517e3a3a3cbe6f9f049b252f8affb5747a215ccc6099e13bffd10a0e5d7c86932ebf8e5a424a

Download Submit