78912f1b4ea17ee19a97794326cfa971d26fcf724c9373850d3deeba29ec9998 | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
25/02/2024, 17:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a450cb943affa375185713d8fd2905b5.pdf
Size

34KB
MD5

a450cb943affa375185713d8fd2905b5
SHA1

c83f470f52a6a18dc3cce660ed338716beb5fee7
SHA256

78912f1b4ea17ee19a97794326cfa971d26fcf724c9373850d3deeba29ec9998
SHA512

aadd4e17b506a8dac51db2629d7a779f5492465657f81f84fe4bf7656affb5a1a8ba64d927e764be09c3c667770754c991d7024d39a6b98c8e836e97eef2bbdb
SSDEEP

768:8RNsZ6GgmlJDnYVY9qGtk1tlJXcfV1MYiPQ3gOe:66ngqi/Ek1zp4VyYWQQOe

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1888	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1888	AcroRd32.exe
1888	AcroRd32.exe
1888	AcroRd32.exe
1888	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a450cb943affa375185713d8fd2905b5.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
2a4dcae508425e20407be4d76649ad83

SHA1
946a57f3fd1b182ab633ce1a1c0e3ddc0842e543

SHA256
b51d31a03b0ba5e10419da1776011582a757d9c22378125d68f127aa17acf8c8

SHA512
dd0164264339b850d49478a4782c40f654ed628086cbf2a38bc232b7234cd3562d8875907dc8fefa537796d5cccb8cddc7b1e45f0acccaeb51465a9f7fe34f77

Download Submit