d9ed939603b80f124ac96cf2422ecac87322beabe32654101d3723956333863e | Triage

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 14:15

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a20dfcce10582293cc3313ed0f15b407.pdf
Size

100KB
MD5

a20dfcce10582293cc3313ed0f15b407
SHA1

a75dc08eb13f323f38e0420501ecd9c66fa67cdf
SHA256

d9ed939603b80f124ac96cf2422ecac87322beabe32654101d3723956333863e
SHA512

ac6b607ed1f5b7d222c7783286964f0047f4a18019609376f892c0efab7076cc9875543679fecd836933601097213251eb3bed3b28a89879eb0bc740f3dd3b14
SSDEEP

3072:axpZ9lQ94awukctnOsC41EO8Q7KLqpCnmJocmenUMfQ:ap9lQ9Crccc98QhTQ

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2932	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2932	AcroRd32.exe
2932	AcroRd32.exe
2932	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a20dfcce10582293cc3313ed0f15b407.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
3125f3c7cf84909604173ed52a2dc03a

SHA1
8ac5be5286d71ac53ebb5c05e7697de0265f35c5

SHA256
a9e9e2f520a4d1722ca0c2e1fdb8f70708ab2ac78b5080db1bac1bff7642be46

SHA512
44c9597b499cedbd1a71477a51b77b873f97d4e14d89f6b8c5b42e87926a05962f51dae3133f437fb34492a02f61df73c684dd6931b65c8abc73b8ac4b04055f

Download Submit