Resubmissions

25-01-2024 18:00

240125-wlrvcscce4 3

25-01-2024 17:55

240125-whq4nacbf5 10

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 17:55

General

  • Target

    75257f56b8d3e99acebcf7cafd520fb9.pdf

  • Size

    80KB

  • MD5

    75257f56b8d3e99acebcf7cafd520fb9

  • SHA1

    70dd11a345b00ea2a6546b14017c602cbfb43258

  • SHA256

    0f8f5d03de8eb7e88ad31ac630dd82cbdc361939fed933f653690747a8e3140c

  • SHA512

    79048109761e9c8761c84b80f01e4ac1091705902bf1679500c5ca72e4c6eca05b33b057ed497960fc3d1619851c70b5fd0d56f7d4b832ae0ebafdd4914bba23

  • SSDEEP

    1536:X0+nBHYbKcrfprjA9kgC5UqapUnpVn3MXo/PF8RWipOPIn8V/WWl8uU/cemAT7:EcBH6KcLprjALuLn3MgN8SPIGhlacXAX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\75257f56b8d3e99acebcf7cafd520fb9.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    fb0b28d5e86eba620cc90b5d1a7cfb1a

    SHA1

    70eb6ee1d8957810ff2804a284137e76661e0c8e

    SHA256

    9af53083619a1a528ef2ed0a75e6e98a7a23b3491c1d1c68a9637924041fbde2

    SHA512

    efb5bd1c8aab02508e13d2ca61376488697486eb88b8e19239e1016b39edc2c1e02103b89b45024ddb970a59d51a7c503beea8fd5ca255b90ddc76854d82d236