Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
10-03-2024 08:18
Behavioral task
behavioral1
Sample
ff16b7ea40d1f0c6dc5d440658e27f0fff152b3aeecec8a074c59d726c61fc46.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ff16b7ea40d1f0c6dc5d440658e27f0fff152b3aeecec8a074c59d726c61fc46.pdf
Resource
win10v2004-20240226-en
General
-
Target
ff16b7ea40d1f0c6dc5d440658e27f0fff152b3aeecec8a074c59d726c61fc46.pdf
-
Size
10.1MB
-
MD5
8efa8df9d6401b019a6574596f1d90f4
-
SHA1
61d964cc225734efcc5d1db74ede3a2c01c3c929
-
SHA256
ff16b7ea40d1f0c6dc5d440658e27f0fff152b3aeecec8a074c59d726c61fc46
-
SHA512
4fad7a902a320764125ad5374509f009ae8bba1df6105ada76985d7ce73084403da9917e9a222c6d6350da16c641c3b300ca81077f2cfb93ec2ffa333204cf9a
-
SSDEEP
196608:Eh4/PopVjcRJ/vSC8CNwjkEWtyJ8yZTzCEuax1gh5TIhSrLe9Y:Y+CVjO1vSCNN6cyTzCusheNG
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2060 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2060 AcroRd32.exe
2060 AcroRd32.exe
2060 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ff16b7ea40d1f0c6dc5d440658e27f0fff152b3aeecec8a074c59d726c61fc46.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2060
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
34231b9ba197492b03bb2472f40615fd
SHA1
a1dfc3c6d8ed958ce0b70ca75bdc19cf4b054e99
SHA256
13504794032e0fc97951accb235de27270469ea4ee80d3fbfc8133a1a4842329
SHA512
adc5a9a21de5a484e4c85c0e46d7ca7e0b15241fca2922c5a58d601a609bbf66c7805e1c02109e3e5c894eff5388af72dd765c914609b6e3c71746817854b350