Resubmissions

09-03-2024 01:45

240309-b6vfrscb5v 5

07-03-2024 20:33

240307-zb7plsdc74 5

07-03-2024 20:30

240307-y95ggaea4y 5

07-03-2024 20:26

240307-y79cmsdh7z 5

Analysis

  • max time kernel
    121s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    07-03-2024 20:33

General

  • Target

    =?UTF-8?B?VG95b3RhIEJlbmVmaXQgRW5yb2xtZW50LnBkZg==?=.pdf

  • Size

    10KB

  • MD5

    bd3a12d52669f561ec7292f97145eed1

  • SHA1

    dd1161376edc8e5be6eec47752b23961ed245c14

  • SHA256

    03a0a317daf0b61200ba338a91bd7902e957fe198d5a285a23bfffa289be9b8e

  • SHA512

    7f0c9fbd425cbde63363562a152bafb576eadc901638f2314550467d7592b1d5a4b7bce6912e46c5976eb8f869874c054948e284cf1d1fb95852e6f2c647b3bb

  • SSDEEP

    96:Bv9Rq3+rEhoLVrZE8lPo8ZMC83JdQPoAR/Evh9vuURp6MuEkOBBWBBFB2vByeBB4:bBQAe8lw8GC8LQPoARsvhxRp6MuEoFDt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\=_UTF-8_B_VG95b3RhIEJlbmVmaXQgRW5yb2xtZW50LnBkZg==_=.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2508

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    8777317e60a83194269a662611be7171

    SHA1

    d8e63e9b7832b874a302aa2f81de93b93dbad94d

    SHA256

    d20bc000ac446e51017dc95063ed35811324425328f88d07850e48b578353d0e

    SHA512

    9142f3fcf754120fd8263aa13c1ed984ca8a8ac856a93a139bda0a4f909cddd544d852b3bd518b1175f9f07a05439af6d1a9fd74bb122d1d90d0d0742edbfe39