Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    03/02/2024, 03:57

General

  • Target

    8b563fe7bac0e7c80e78c187611c9568.pdf

  • Size

    93KB

  • MD5

    8b563fe7bac0e7c80e78c187611c9568

  • SHA1

    cb60c6e0572f113c1770ec71ecbe142ce8a804e2

  • SHA256

    2ced3d91746ab3cb5966e7f380c1e475a08c4e943fd068ab882291dc69f6912a

  • SHA512

    fbedc040eb71387f8d4817475a5407a92b2e2efcbfcd5ce7fadfb253db43993516b6126c9844391a2ae71de16eb39b809113d6dbc363a90da5af0d261a966a8d

  • SSDEEP

    1536:iq57jZoKCCAdXB9WdbJ4ak1IA75tM78ne0x0oCbglWaK55+d8A/xXNb/ogW8pO+Y:z57rCNX8bJ2IAM7XFoCbgBgHA/x9kL+Y

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8b563fe7bac0e7c80e78c187611c9568.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:624

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    7460166990a41181f5d0d4c172da7e1f

    SHA1

    3f64253f7e23fdf2a156fe6c1c52338791d5cfb0

    SHA256

    57971ab6290da914f218b5eddf2bd638d075988345250094b0ca1b1397fe7e84

    SHA512

    72aee356a4c62482e67fee127755ab334f02e7330290392320b87742edbd57e799b14f2e7ada35d0fd23bd8205b082572c486856fd239d47d2e55c136ae8f52c