Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-01-2024 17:37

General

  • Target

    eReceipt.pdf

  • Size

    32KB

  • MD5

    687e597acd68e30d96451edf0390a3e5

  • SHA1

    2a09bbb5f3d6b559e457d41cdd0aeaa8878a867d

  • SHA256

    01c8115401aa76db9650b1bf9294534df8492a05eb9a5c0ef1c01a03ee1e9f2c

  • SHA512

    4a222c188887a71c0d8d298f2e06753674e860a6dcd4c5eb70013043d4f4e1ee9f868aede5c463e75ae9ac4657bfe399b37ddfa6aae329f90f6e59355d74606e

  • SSDEEP

    384:WlPCWKaE+2W2mBMAbucLcxR/wt81w1s8OnKRJPOSdB6Aeiwo:WlPC6E+23m3bPQXot81rkRlvH

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eReceipt.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2108

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3dd776e9dd532a01dbe4d302598ac324

    SHA1

    e7484208ca713889873f82c223dcc768b7b2ed24

    SHA256

    fb9b223bfbcb67ea01092de56540a8b5a6b8c54a4f62d0d32c7c9a1143fb2001

    SHA512

    05c8d987df5217b9071ba7b2ff3f85f12c760769f0d87e1b3da440f7d83c556c17ec11a8e41f27a8d0bef8bb576c08b2d94a07e09432cd806daca820dd063522