Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    10/03/2024, 06:55

General

  • Target

    bdf60a67a690a13d8dcfbe335a15f1d3.pdf

  • Size

    75KB

  • MD5

    bdf60a67a690a13d8dcfbe335a15f1d3

  • SHA1

    5ece69aebf26262424dd6f54dded69fd838e2335

  • SHA256

    8b8c65bcfae9b4097357eaae28cf84e3a40f670f43f7b0a0e3f646a0a7f24412

  • SHA512

    5cd8b3b034b363921b383f46ea95be0ec1b8afc733163cb94a04cd2cf878cd99e9d3d944885509252176f36eda2288bfd469eb86aad287955c87903f901c2228

  • SSDEEP

    1536:O3MBxmL22M7dvHmGRpJKU/3waalj9cvnzUx62bi2E8HuIWw+I1XjC0:eM7mL22MJPzRpJ//gaap9cvzUc2biOHL

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bdf60a67a690a13d8dcfbe335a15f1d3.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2952

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    e027ea5af28658ee3d1f6ac371c7cbbf

    SHA1

    f9b44ad1d31a9a6be313b43b80373a8b1bdb5068

    SHA256

    b58daa38f47352bab9b8d99f34d542115cd0bc6c62104615911ccee17fe1af0a

    SHA512

    a4b7a1c85d991dda14fcce0d97d2fc9119e59692c7fa7f09d5eb773cd6668fb737faaf1edc017b2c4f11fa0ecfc94f13eca9cc3a1a4a3b4f37a567d169e166e6