Resubmissions

25-01-2024 18:00

240125-wlsrnacce6 3

25-01-2024 17:55

240125-whk8eacbe8 10

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    25-01-2024 17:55

General

  • Target

    752568fe779bd58259d96fcaa04294ac.pdf

  • Size

    75KB

  • MD5

    752568fe779bd58259d96fcaa04294ac

  • SHA1

    6f6c3e65d13d7152786594aa387c6d6c84508344

  • SHA256

    0106edd16ac05836e246a95cb958b3c2f5f195e0c3fb87e6354de0de4f227f66

  • SHA512

    ca0adc5655cc7dd22a0f9a6d10b8602b28aea5301d10b3f20581c45dafd9366545750e462fddbf7be874809099269b96b13a41d904195bddabea8a5b617f2b31

  • SSDEEP

    1536:ABPa4o+zcCfNs7feT6S0BbnVqfxeDGUcL+XcZaDY23B6qUMRZP+E:Ou+zckMemjJngfxe6H8Y2EqVRZd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\752568fe779bd58259d96fcaa04294ac.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3048

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    a647247c56c9ebcab4827afe804374c6

    SHA1

    73226943c701d8bf8563afd73bc8256467f9692e

    SHA256

    7c1d8f338cbecae857844d32762b405ff3904205d2204b8c28c85f0028d07808

    SHA512

    41ed554d4321fca8ba1a68030be03997f36988e9a9512cbb6aeeab7d8b0ae1add54e1e1cd2bd33dcdc6d9a63b84a312f0e6a1f9f5ac5e991713dc3a7c34ffc29