Overview

overview

7

Static

static

3

Disk1/ISSetup.dll

windows7-x64

1

Disk1/ISSetup.dll

windows10-2004-x64

1

DotNetInstaller.exe

windows7-x64

1

DotNetInstaller.exe

windows10-2004-x64

1

IScript.dll

windows7-x64

1

IScript.dll

windows10-2004-x64

1

IUser.dll

windows7-x64

1

IUser.dll

windows10-2004-x64

1

ctor.dll

windows7-x64

1

ctor.dll

windows10-2004-x64

1

ikernel.dll

windows7-x64

1

ikernel.dll

windows10-2004-x64

1

objectps.dll

windows7-x64

1

objectps.dll

windows10-2004-x64

1

Disk1/setup.exe

windows7-x64

4

Disk1/setup.exe

windows10-2004-x64

4

Manuals/OR...es.pdf

windows7-x64

1

Manuals/OR...es.pdf

windows10-2004-x64

1

Manuals/V9...al.pdf

windows7-x64

1

Manuals/V9...al.pdf

windows10-2004-x64

1

Support/vc...86.exe

windows7-x64

7

Support/vc...86.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    02-02-2024 15:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Manuals/ORTEC File Structures.pdf

  • Size

    673KB

  • MD5

    3fc5c0357f9819358b8c67aefc56be06

  • SHA1

    0489910af884f52bb488255f9608de2c36a411c5

  • SHA256

    6bb1545453facc78db2fced49b8cb3ec85228a3a82f8a732e1a7c1be12d20dd2

  • SHA512

    4d3e15868a66655318db278e07f7f7b6507c1d945dfdc3675340054600f7f874fea0ca8598dcb67abeb802d48514f4719e1ab6115e27377c2f43d3e6e10eca99

  • SSDEEP

    6144:Ht3s8E2bwPdGCJZXz/HuedbAoQWkYN8qgobE1JtR:q8DbmFldbAQtmb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Manuals\ORTEC File Structures.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    2180f73ee51a874f0335e9498b7cc254

    SHA1

    e620fbd5efd4ffb5091e81c3987558719baaf5a2

    SHA256

    ae7d439e8b62fa2756fde8937fe9e28965889fd2409d1dc557ba8367793825a2

    SHA512

    ebbd9e82e62624bf886ab50cb6a3f058bfd20389600bb97dc3de3d89d8ba42fe5183c5c6d61e1b2327917fd2c714bc4eef9b6eeba9dc909f494e0a04ccf867f9

    Download Submit