Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26-01-2024 12:23

General

  • Target

    77590adf0950515e39f1ba71991727c6.pdf

  • Size

    53KB

  • MD5

    77590adf0950515e39f1ba71991727c6

  • SHA1

    061bf7176d6cd5dc5998ffd28eaac88d50b92d8c

  • SHA256

    19820d1f9079e04d1e7b7708e5037cc8c7c585c5276d327bd96354baa7c3ca0a

  • SHA512

    e3fac3bb1c825d0aa1f6217f5b01d4669d4aa0e78e05443192dcfaa6323a780b638de50856b0fd5bf00598a48d3f7621df53556a9b37850a83c770f5423d6ea3

  • SSDEEP

    192:bONbedw+lJ5MLndTp2wU26MLGjQGERTicKU09ZtRHoqfs42RWsNWIsyMk9eej5gN:bONbedw+lJ50rTtRYbACAO2gaYvt3

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\77590adf0950515e39f1ba71991727c6.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1220
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1220 -s 760
      2⤵
      • Program crash
      PID:2296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1220-0-0x0000000003360000-0x00000000033D6000-memory.dmp

    Filesize

    472KB