08cbecf4bc6adbaf753a4947cb48b15f1a48d2f9db3d4a6113c3d02122ba9246 | Triage

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/01/2024, 01:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

760f1fc586366b6e0089cc81e2a9f273.pdf
Size

69KB
MD5

760f1fc586366b6e0089cc81e2a9f273
SHA1

41521ae1dfde6c6c116fb47697dcfde5d941a04e
SHA256

08cbecf4bc6adbaf753a4947cb48b15f1a48d2f9db3d4a6113c3d02122ba9246
SHA512

4ef801f2182d72e48143aa47f1a2d3a7429e0f5ec1259eec078d165068f040e51a0afc226c7ca8287d8686fbbb927d1613dc5ca558c48dcf56acfe6c31300add
SSDEEP

1536:4QH5VT1TbO7aJ1+FbPyJ+xH7fTCI3iNj+2KlAJ3T:rnTk2xJeHbTr3iNr

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
852	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
852	AcroRd32.exe
852	AcroRd32.exe
852	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\760f1fc586366b6e0089cc81e2a9f273.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
6925d5b50b95f6e877b22b43b34dd7bf

SHA1
f7cbcfe7305d254cd75b220263f2d61fa4319904

SHA256
207a8c397fdc269b4bb3379f47a01bb1096714a3c2b66f3b343bc1565392a563

SHA512
fac58688a1821db2bd1fac1f43e4c5db7a677d5b1aff14e07fad8e8c264320eed894ae0729f3e5bfb3695ff396b9ce5c117edb0d9343444808647a7d9f0bb1b1

Download Submit