Overview

overview

7

Static

static

3

Disk1/ISSetup.dll

windows7-x64

1

Disk1/ISSetup.dll

windows10-2004-x64

1

DotNetInstaller.exe

windows7-x64

1

DotNetInstaller.exe

windows10-2004-x64

1

IScript.dll

windows7-x64

1

IScript.dll

windows10-2004-x64

1

IUser.dll

windows7-x64

1

IUser.dll

windows10-2004-x64

1

ctor.dll

windows7-x64

1

ctor.dll

windows10-2004-x64

1

ikernel.dll

windows7-x64

1

ikernel.dll

windows10-2004-x64

1

objectps.dll

windows7-x64

1

objectps.dll

windows10-2004-x64

1

Disk1/setup.exe

windows7-x64

4

Disk1/setup.exe

windows10-2004-x64

4

Manuals/OR...es.pdf

windows7-x64

1

Manuals/OR...es.pdf

windows10-2004-x64

1

Manuals/V9...al.pdf

windows7-x64

1

Manuals/V9...al.pdf

windows10-2004-x64

1

Support/vc...86.exe

windows7-x64

7

Support/vc...86.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02-02-2024 15:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Manuals/V9 Users Manual.pdf

  • Size

    25.3MB

  • MD5

    eb38e767087bc632425ff6bddd986c79

  • SHA1

    856dc2d65eaba8cb9af9321a748377333a079bfa

  • SHA256

    c0b74e70df36c35575afff80a372f4344f2b2b861aa78947f5a7aed18527655f

  • SHA512

    e574f20895bef84a1049ce065e6b372999fc33fcec57e31a179647d5e943a2a1c0cdbaddb6af1bec4651b9ad7f4a0650b3abc7a24978558bad42c853c725699b

  • SSDEEP

    393216:0yHLTbJkfRLT9zkb36YYYYYYvdUbkm30Dyf3uSA2zhu+DUVdNKP:5HLTbeZLTe6YYYYYYvekM/f+SAXz6

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Manuals\V9 Users Manual.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    8b4bc3037cde19ab78308777419dabfd

    SHA1

    8f1a37e264ea3b134c6f6da6e7f7eef2935a0163

    SHA256

    fa8fca6fe03141569022485b1b09d08573d95b598a567dbcde7f85d4d723b1d3

    SHA512

    846d21c4e79cac1baaf2092c5ee20fcf0b3ea2ab06d042ab0eaeea7f3f641a7c77e0d7474407940cc1e91cd77f125de97af46b326cc471b9c52ba8188ca8aa4e

    Download Submit