Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/02/2024, 03:46

General

  • Target

    aaeca52447a14a9fe3e9f3d200e5fc93.pdf

  • Size

    84KB

  • MD5

    aaeca52447a14a9fe3e9f3d200e5fc93

  • SHA1

    4d563804bb2f55aa559fab6bbba8d7548dc96091

  • SHA256

    6422603fb5d849545eb956b6e6ed18f2fb1134401b00a1e94e9c1d7847b579b1

  • SHA512

    e4d2771615af814a2867f020c86f5920ea9da3fc7f8e6ad521333718122b33ef5a8f67e9e0dd814ae17a06c5f64fa54da4ad9e6992f5e038d0424d6642f836a9

  • SSDEEP

    1536:Pdkh6wQ7ruH1xtA8M9Li3KjpSTD449CrGq5yGOzW8pO73WqwM0D8iqnOgKR3/0Ye:VKSieKgSTM49UGq4GOe704Ogi3/Te

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\aaeca52447a14a9fe3e9f3d200e5fc93.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2492

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2f892db8537ceaec6baf5bc2007e93f5

    SHA1

    5aeac46aee8b6ad812a4b6a86797ce4b9bffdf12

    SHA256

    7dfcc9766342aed209d30850bbe8e5c170314722eb968c2a71dd5602accc11db

    SHA512

    6225259154b23b6e76feace447f41d94d4c01696225d7f21d28dafbfb85fa2fab4d16487228f6c571febada608ffc2bb09042f6b8c64efa7cfca40bd9c75db33