8257389d6264742d414404beaaaac869336c91f9f9af1e31ee081aa6e7857f3c | Triage

Resubmissions

19/01/2024, 19:16

240119-xyyzwacagn 7

19/01/2024, 14:16

240119-rlgbeagbd6 7

Analysis

max time kernel
118s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
19/01/2024, 14:16

Sharing

Report Analysis Logs

General

Target

help/fr/dia-manual.pdf
Size

306KB
MD5

7cf3ed9ac1ce725b04a4864b829efad9
SHA1

6e343a5bef486583480cabe82bfb3dc172db3a67
SHA256

9424841cb6ce1d67e3d30b70b6910f0c993338403cc5f2c1d9e890a9cc1bc1eb
SHA512

3ee232f0dfc94dc4eee5c4a97d95eca633f2d5bb775ccdcc19f8c25293b895937404643acc004de25ea567ab05c01921f248925e69990169d51f9503f7eefb12
SSDEEP

6144:OnOn5preVk4FmQNhilcfi4wzdvUD3YZRiu9oF:OOn5prUX86c+

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2012	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2012	AcroRd32.exe
2012	AcroRd32.exe
2012	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\help\fr\dia-manual.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
598350e70c48f1f4acc67a22203ee57d

SHA1
78772d00213e5573bb44a93f318ec4c6c594894f

SHA256
ad11f54aa99c8e13c9a7b8f8bc9e4c20d209f7844fd54ed43aad1f0cc5d337fe

SHA512
8b718782f079d0552117a708eda54aa6ada6e0ddbb750b57b2319058e41c9b2b965a738fbb31869c1f2382fbce54cb086e9f25620201300f3be7333340204037

Download Submit