Analysis
max time kernel: 120s
max time network: 124s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 07-03-2024 12:57
Behavioral task: behavioral1
Sample: 98cac92d8a65fd047ab450baa5613eeeba0ebdd44e3d18fa3c4f829d523db55b.pdf
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 98cac92d8a65fd047ab450baa5613eeeba0ebdd44e3d18fa3c4f829d523db55b.pdf
Resource: win10v2004-20240226-en
General
Target: 98cac92d8a65fd047ab450baa5613eeeba0ebdd44e3d18fa3c4f829d523db55b.pdf
Size: 19.4MB
MD5: 3f02cb36ab4cb47272dba97daa52726c
SHA1: f6e8f6566346a655ad6d22ab96e96d3cff82479d
SHA256: 98cac92d8a65fd047ab450baa5613eeeba0ebdd44e3d18fa3c4f829d523db55b
SHA512: 1eace22dc02f4fa9a0100f29a28897170df99aa288ce710dce3cbea853484f24b229b0f8c8e88480cf35a0b1b04c823f444c6112bf4154071934b122b2f98a9a
SSDEEP: 393216:eZuG9mIRh3YzNoXIHL5g7IBZW+ARHHIw3kEu06k9h9llhYucKMBftUfUC:ewGEihIzmoLFzWcw3kx06OfhC2fUC
Signatures

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2948  AcroRd32.exe

Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
2948  AcroRd32.exe
2948  AcroRd32.exe
2948  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\98cac92d8a65fd047ab450baa5613eeeba0ebdd44e3d18fa3c4f829d523db55b.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2948
Downloads
Filesize: 3KB
MD5: 0be1f4db067e66b71fdf03d13d416a68
SHA1: c104d4160e6c65f1049f4f76a729a40dbb59f3c5
SHA256: 74c68b723ef165ee5456bf9814922f32b945f82cddd9722d12555da713f603b2
SHA512: 01bb4d5b64e09478b3e3180119ff47640d11fd07aef980244e92048870f8de166b6dfb03352f90d22e11083478c97c757531bcea24d21f49deddf7c64030c7c2