Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    24/02/2024, 19:01

General

  • Target

    a2837288b18b21697304350e1220eed5.pdf

  • Size

    89KB

  • MD5

    a2837288b18b21697304350e1220eed5

  • SHA1

    2a7d9d327090d4a8e653f995a20cdf7d83f4c50e

  • SHA256

    0c063bf0a5407268a4a7c64e27fb51e2a5fd92d1b831a3a9caa4367dfccae9cb

  • SHA512

    4c99c8591c52bfd79052b0c257d42705b64c495e146a945b4a87a9d37fedaefa3e1b3697b3772be0a76d8fd8ee7a02c8143953d80ad2b5c8eb36631f9ffb4927

  • SSDEEP

    1536:CltaH0hZIHYR0P8UcfRQqdd0rkQj0kMy+nRScWnLOayAFM8Y8js4/WOpOwruS+6M:9UhZfdzfmqdJtkMlRChFM8848wrubD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a2837288b18b21697304350e1220eed5.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2308

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    813986003d2109e68a0303e8d5c8bb5d

    SHA1

    4ff46c2bb9288bce09ccbc313c05c8cda58e3117

    SHA256

    9f5d83811798654a5e07506bcb4bb4cb0c96fc269a41c3a675150ef6dcd1238a

    SHA512

    6f33809b6a57e6f7be0df7798eb3b5975c70b76736aefa6c1fb9395edbaad4eaa6148eb9aeec6b69505ce867e03689210d731b613d0cbc9c9086cf0774a9903c