Analysis

  • max time kernel
    91s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    24-01-2024 16:58

General

  • Target

    9ac3bb7cf71d366dbbbe231822f3785034009b94e742dadb80ef33984bf2e07a.pdf

  • Size

    50KB

  • MD5

    51a5658730f585307207a4d36711ca1c

  • SHA1

    dc17e85ca3d302f33de40dd3313ff63722d1c216

  • SHA256

    9ac3bb7cf71d366dbbbe231822f3785034009b94e742dadb80ef33984bf2e07a

  • SHA512

    ea01d80d95f9da39bb95b7a8f2fd4a46af9ec746cab5e1fa9a23647e94cc7b4e7c3767f8e3c80fa5336935133b57361779f81f35681da436bcf9adbf85b055a3

  • SSDEEP

    192:c0gTICXfyVWVZ5GWa2pxTZmE3tu8qv6oFZ8K:3YsWNGWJpxPu8qvdL

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry (2 TTPs, 2 IoCs)

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious use of SetWindowsHookEx (6 IoCs)

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\9ac3bb7cf71d366dbbbe231822f3785034009b94e742dadb80ef33984bf2e07a.pdf"
    • Checks processor information in registry
    • Suspicious use of SetWindowsHookEx
    PID:3164

Network

MITRE ATT&CK Enterprise v15
