10b40992b6b3b76e0d960947f26be4f8f8fa8df5c97d17d3874550977bcf48b4 | Triage

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
19/01/2024, 17:20

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6832e39549d76b826bc2bf4424a8f523.pdf
Size

57KB
MD5

6832e39549d76b826bc2bf4424a8f523
SHA1

89a2739fa2197039e087aa73b9c8e3d58aaa4255
SHA256

10b40992b6b3b76e0d960947f26be4f8f8fa8df5c97d17d3874550977bcf48b4
SHA512

061c14b114a629c5790497708c265beb46e6638979188d94ef8f58a57d99170573b39d4c9d93ff8d92d03f54794510588c87c347d7072d3381807981cf7835da
SSDEEP

1536:eYbCYYRQ/7WGkCa8hfVp5OV0tArvZFxFhZucd:FWGDxvOprvH/hZ7

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2152	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2152	AcroRd32.exe
2152	AcroRd32.exe
2152	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6832e39549d76b826bc2bf4424a8f523.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
46505b30eaf3ed0941b8f7b30f89a580

SHA1
efcee4fa64e93454c32044a804b714b546a2d9c8

SHA256
186db466216ffe90ce3a192dac74efb7e9bcfffc3867bf305a378d640c7e10dc

SHA512
d456925ba6f72753bb359ff6fb09bc1e25900ceef0bee0b17a400f3345bc4b49ba65e96677cbf66cff83c7b482d25ed865de6f607df2b267cb557a9e911ca7b4

Download Submit