61539d568fb7cc3c370999b6425f72a1451d6521babaf44f2ba586320fba21b4 | Triage

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
08/03/2024, 12:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

libtiff.pdf
Size

7KB
MD5

b7e55723833ab0d5ab525f1568f1cfea
SHA1

8dfb970c65bae917621834bf935ce8e0bf291b5d
SHA256

f51511934988ad532fbdf63b38acbcfb9d731fa9073a3b310ff60b49262bbb80
SHA512

25be8531c1120ea05d905a3aad08551d5b19034dc662156c3f16d8f5f0703795e8c539f884984addaf6a09ebfa5d9b8512301d88792923347bbc01ff356f9ea8
SSDEEP

96:9nLl5O8XSW5t+YVnKEGqQyVnKZFk1edO4wjFfCnhhRcXqBtZ3CCA4v62KxRB:9nLPO8CWS4nEbGny+f++Xq3vvLKxRB

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2372	AcroRd32.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2372	AcroRd32.exe
2372	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\libtiff.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
32d2fe201f97cf46f11d06923d5e477d

SHA1
f66d2348dff088fe8da3c6210f6ed825c36fd1fc

SHA256
f2bf58a94dfd18a31cebae343298c26ab49a42ffc7ce668a619737f0482f6da4

SHA512
a9588be72576a1398e2d14680bf0967076c49b48a067463527f697912c4b73f9454d9ae139146e33ef0dc796cc28df48b01b8f5ce10268d37e9e1818ce4b434a

Download Submit