Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
08/03/2024, 11:46
Behavioral task
behavioral1
Sample
1ce68f317cd78d136878f3a51a8cdd225e26b27091bd8cb16e05f4fffd742e61.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1ce68f317cd78d136878f3a51a8cdd225e26b27091bd8cb16e05f4fffd742e61.pdf
Resource
win10v2004-20240226-en
General
-
Target
1ce68f317cd78d136878f3a51a8cdd225e26b27091bd8cb16e05f4fffd742e61.pdf
-
Size
10KB
-
MD5
d03cb0803ce257a966f55445e387d069
-
SHA1
15beeeec6dcfcafdf97f3592756b6c24fd0018d4
-
SHA256
1ce68f317cd78d136878f3a51a8cdd225e26b27091bd8cb16e05f4fffd742e61
-
SHA512
924d9bc5c3dc32e1768f0dcfe3a9270404462348d608358fa6f3a1fcc06f01b67abf4602cc7dae9058ea8127a29c1891609f5890d732cc1ae74c3e249a686844
-
SSDEEP
192:9dVGsLNPmWaqzHkKp20LAjc3gboBZBm0FyKvKqVxutiGiNeut:7VRL0WaqzH+01fZBm0FyWutHiNeut
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1488 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 1488 AcroRd32.exe 1488 AcroRd32.exe 1488 AcroRd32.exe 1488 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1ce68f317cd78d136878f3a51a8cdd225e26b27091bd8cb16e05f4fffd742e61.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1488
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 ceb0c48f8b25798d95268e65fd3b4446
SHA1 a5ba95701368401e7b7b7227c53311dbed2981b1
SHA256 bc1b10b630ddc9ec940df1dc25292ba4100cbdbdabb5573b9a05f4a2b2621715
SHA512 c6af76654405d106e8fd1af6f42a31a958849c855a9e81d8b326a2759a09924a3a989bf63f23d8ffc547eb74cbb210553fef8f6b578356b944e2c5d8d9198f29