Analysis

  • max time kernel
    177s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-02-2024 12:21

General

  • Target

    CDWinder Registration Form.pdf

  • Size

    166KB

  • MD5

    737274e013f50d27fd865c88679ffadd

  • SHA1

    60588ff5678329c978d0bd385de506f40196424c

  • SHA256

    6fc231f90747f0d8c5ed668ee7376fb790e0cc5ba585ec49f3b0749f1d6afe53

  • SHA512

    eef1f180b7d99f5d61ca61715a95bd24c11a458ff7bf7eeb9c4cea438d8d5d204d8a28f7b1c45e8bf2441d81637f2a6273654ae05dbd2842f3944e5996c6e54d

  • SSDEEP

    3072:SQJX0qIikwu6fdzanKgcvLz//mMJjfVcr9dxpfA/QDaBglUn1V+CLRVS2pVSbs8i:ZBIikwu6fdGnKgcvLz//JdUZfzOn/+gj
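
Before working from a report like this, confirm that the sample on disk is the one the sandbox actually ran. The following Python is an added example, not part of the report or of the sandbox's own tooling: it parses the LABEL/value hash layout used above (and again in the Downloads section), accepts only well-formed hex digests of the right length so a truncated or garbled value is treated as missing, and recomputes MD5/SHA1/SHA256/SHA512 over a local file with `hashlib`. `REPORT_EXCERPT` is a constructed copy of the Target block; the function and variable names are the example's own.

```python
import hashlib
import re

# Constructed excerpt of the report's Target block (values copied from the page).
REPORT_EXCERPT = """\
Target
CDWinder Registration Form.pdf
Size
166KB
MD5
737274e013f50d27fd865c88679ffadd
SHA1
60588ff5678329c978d0bd385de506f40196424c
SHA256
6fc231f90747f0d8c5ed668ee7376fb790e0cc5ba585ec49f3b0749f1d6afe53
SHA512
eef1f180b7d99f5d61ca61715a95bd24c11a458ff7bf7eeb9c4cea438d8d5d204d8a28f7b1c45e8bf2441d81637f2a6273654ae05dbd2842f3944e5996c6e54d
"""

# Hex digest lengths for the algorithms the report lists (ssdeep is a fuzzy
# hash, not a digest, so it is not recomputed here).
DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_report_hashes(text):
    """Return {algo: hexdigest} from a 'LABEL\\nvalue' report excerpt.

    Only lowercase hex values of exactly the expected length are accepted,
    so a truncated or garbled hash is reported as missing rather than used.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    found = {}
    for i, ln in enumerate(lines[:-1]):
        algo = ln.lower()
        if algo in DIGEST_LEN:
            value = lines[i + 1].lower()
            if re.fullmatch(r"[0-9a-f]{%d}" % DIGEST_LEN[algo], value):
                found[algo] = value
    return found


def hashes_of_bytes(data):
    """Compute every digest the report lists over the given bytes."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in DIGEST_LEN}


def verify_sample(data, expected):
    """Compare a local sample against the report's hashes.

    Returns the sorted list of algorithms whose digest differs; an empty
    list means the file on disk is the one the sandbox executed.
    """
    actual = hashes_of_bytes(data)
    return [algo for algo in sorted(expected) if actual[algo] != expected[algo]]


if __name__ == "__main__":
    import sys

    # Usage: python verify.py "CDWinder Registration Form.pdf"
    expected = parse_report_hashes(REPORT_EXCERPT)
    with open(sys.argv[1], "rb") as fh:
        bad = verify_sample(fh.read(), expected)
    print("match" if not bad else "MISMATCH on " + ", ".join(bad))
```

A single mismatching algorithm is enough to reject the file: if only MD5 or SHA1 agrees while SHA256 differs, the local copy is not the analysed sample and the report's signatures and process tree do not apply to it.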

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\CDWinder Registration Form.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2144

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    dd7820630718514b5c407e240a865d4a

    SHA1

    57eaab7aa103042ba1d1099ac5c98a427cf409d4

    SHA256

    97a56672e1e568a09d08ed5900eb39571123700616e7133329699280b92cb6f9

    SHA512

    476b157a28a25727ec8267d5e7aae8bc098620d85e5576d21443abf7c7055052a4dfd41228ab677d1a572f31dc90f1185cb0e4407d06aafd5aabe465fc08584e

  • memory/2144-0-0x0000000002E50000-0x0000000002EC6000-memory.dmp

    Filesize

    472KB