632558c5b7a7da28abebc78e4c9a1d06fad7fc7d7830b3abc7194ae830da8bd6 | Triage

Analysis

max time kernel
121s
max time network
136s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
08/03/2024, 16:08

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bbaf73f1a574cac5f0fd477be0d94e6d.pdf
Size

34KB
MD5

bbaf73f1a574cac5f0fd477be0d94e6d
SHA1

224d428b773d9bda47afc22834f0c9fa60011a68
SHA256

632558c5b7a7da28abebc78e4c9a1d06fad7fc7d7830b3abc7194ae830da8bd6
SHA512

b2b6c0c71abdd9a5c09f79718df06b017c667c1727a2e32c8aadd9c3abe8f76fb8726a1ef75adcd97f0e710c49b7d6cde4acad70fd2c227d7e2899b9415c70a1
SSDEEP

768:gItV96Xs4ksFCf32nSdPfdWv3HiOv6aYdj09:gI96cci2nAIvLv6hj09

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2480	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2480	AcroRd32.exe
2480	AcroRd32.exe
2480	AcroRd32.exe
2480	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bbaf73f1a574cac5f0fd477be0d94e6d.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
9d28b3548549c77b67b4bcd8c353468a

SHA1
9bed44166476d73d6ca474a344aec29e2c63eccc

SHA256
9823f73f2e5ae25fd5ee4901cc53f38d73d7367637ef05872129a9f98b12c5d0

SHA512
c575b4fe6524736dc4cc85eafdbd532f4a00df673abde561e1ad298904f5ba97ffb13708c375ffe408430d469773546a9fea93ddcc00e74df6ba992c8474b5d1

Download Submit