b798ab3ed31e8452dda06f383f6dd76de9ef237761a3c1ed3f7952b6c9c81aff | Triage

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
03/02/2024, 23:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8d9e2ff12cd6507e029a15a0cc1ddce8.pdf
Size

34KB
MD5

8d9e2ff12cd6507e029a15a0cc1ddce8
SHA1

3d8845058472000f4d5f92a886997937d3f1dd64
SHA256

b798ab3ed31e8452dda06f383f6dd76de9ef237761a3c1ed3f7952b6c9c81aff
SHA512

64aa43a221734b5f1445b52ca0f72c7a61cd6412944d29e0af09cb131d33c78a832705de0bf8041b8137b145a9811370a550cf8fe7c28b3e3c63725372614db2
SSDEEP

768:egGzpDrUWJ3JWmabR2tcyPkaUIDLQOuA6EQPCE5:bGFXU05f6CLfuA6EQaE5

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2888	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2888	AcroRd32.exe
2888	AcroRd32.exe
2888	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8d9e2ff12cd6507e029a15a0cc1ddce8.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
e685f398fc312bd5c413fb916a0dbf5b

SHA1
b8c05c88ef9c9c89313bce21a2a7a49cc6e46d3c

SHA256
130a2613ed48c11f4320c8cd11cfc32ac18db3abdd3a291a4e76a91dfa4ee3ef

SHA512
6abf4b0dbbf4faa4cd3d57f9865fd3d5a0cd7a46cc5cd99f043aeafa0c3dcbab77ab4dbdb595f9f7729684f105004db4777c438e7faf54032c4004689649c431

Download Submit