Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/03/2024, 12:12

General

  • Target

    be935fed2b1a2bbd51dc9e940367cf6c.pdf

  • Size

    91KB

  • MD5

    be935fed2b1a2bbd51dc9e940367cf6c

  • SHA1

    25ad02de265df7e32dd3fd2493ffe37ecfc14f76

  • SHA256

    87131e396a343d61342b24e02034a4e60716c12100e24be6f57086cfcac3be64

  • SHA512

    1a52084e287a2be92e4057260761a4bde6caa40c306080b39c7ded829d4836c1e22feeb1184cbec6c946f2066eba44f06abfb6f6506a98f960d0ae85fafab47f

  • SSDEEP

    1536:5uGymaSDISqKD7qrxFLuzbF9g/XM8P3K8d/shR/zhVnY0WGdVT8OwWQpOCnWTFVZ:0mJseGrWzbFq803K8d/o/3YU8OfCUJqm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\be935fed2b1a2bbd51dc9e940367cf6c.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1976

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2e184d4919a33e1c672931e94fc7d019

    SHA1

    4ae189d97e324c665e8d31c300758537509de9ed

    SHA256

    c324bd71b4e293da84603e688045ee092a68d917a9c567d5071f1523bafdc960

    SHA512

    3d7d14b3d4f7c23d3ed36edc9a80b24db893c48208e2414ee50ebd8cfaeedfaf194c8a76dcdab68702c0fa9922edcde6387c5ff56c60911acf347b2a47d182ed