2c95ea41cec6464a69dd5c379c645abd3a1be1f3762afe5ed1196499760f1692 | Triage

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28/02/2024, 23:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ad229254a92307d4836f82abac2c644f.pdf
Size

82KB
MD5

ad229254a92307d4836f82abac2c644f
SHA1

d3be91b28ffd5979363da98b50d70319b210a1ba
SHA256

2c95ea41cec6464a69dd5c379c645abd3a1be1f3762afe5ed1196499760f1692
SHA512

f2b5e442cdccbb1284bc7957363b7a1f86a243808f849c5234f24077fcd8f11d1814120f3112fadfb7e9048a0f8195f720da465608d27eedafe6df0eee50a690
SSDEEP

1536:yBaFLmoh1mHpmeuWgERjp9QDf3KydMYvAouRfL:7F6oh1m04jwdn4oup

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2220	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2220	AcroRd32.exe
2220	AcroRd32.exe
2220	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ad229254a92307d4836f82abac2c644f.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
b35f15852845cd19cd9c6b1ab9cbfb60

SHA1
7eebbfd91cef0bdd8e0805cc3e5dc3a25f5758ac

SHA256
5fda86eb8d10c1bab8a9ce12d45e6bd17e2ef14be506789839846db51d9345f0

SHA512
4f697594b76855b68d4e39b2cf7efd26bb8bcb2584d0f96e54364d537f34027147b59ab0784d78313081228af5aade4aa0f1c6a65a4d671cee73576bcc131764

Download Submit