Analysis
-
max time kernel
150s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system -
submitted
30-01-2024 21:13
Behavioral task
behavioral1
Sample
VirusShare_5cbef8e4ade60ef54b57132762974125.pdf
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
VirusShare_5cbef8e4ade60ef54b57132762974125.pdf
Resource
win10v2004-20231215-en
General
-
Target
VirusShare_5cbef8e4ade60ef54b57132762974125.pdf
-
Size
144KB
-
MD5
5cbef8e4ade60ef54b57132762974125
-
SHA1
814229a12f5a84030dce9361edbd04b37a576a65
-
SHA256
20fe1c99cc3fafe5d46979616e2ee8fc704e70e88aeba6afd3fd156919c095e0
-
SHA512
5378b1b180490abe252b568beefc7a09d65d56c3abf3a4d89e4d4985d1063eac84d74fe1687c716910c2c172ea5c99c0eaa1fbf466994141073fae46226559cf
-
SSDEEP
1536:C7iJ/r9KLuNjcJVYF1gvaBcr29IdqsPUd/WNJrc9Opp:C7iJ/VNYPpe5kpcYH
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 2168 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exepid process 2168 AcroRd32.exe 2168 AcroRd32.exe 2168 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\VirusShare_5cbef8e4ade60ef54b57132762974125.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2168
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD51186490c307acc91a16ba45e13838114
SHA1a6034b367a612bbd143ac560575af625ea955d40
SHA2563164f70fd031e6099e7a08b7bfbe64b61f51dc0b393e688d5cf0f0c8158c5775
SHA512437f21c32517a2c0494abf50eca19a403040040bd673aaa11e1a30282a6a28c325a8a7d2e64592144f5aa46aac9423acb2f75be6fb5c4d81319cd5466b6404fb