Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    11-03-2024 20:50

General

  • Target

    c191880604622723d8c25d1a65be43f6.pdf

  • Size

    90KB

  • MD5

    c191880604622723d8c25d1a65be43f6

  • SHA1

    56b5d1d4095f43f1524ad0923b57dc2224a65e9f

  • SHA256

    f0e689eae4aa4d88b281510c4b437ce116f4b41005a5527643ae77db962d0689

  • SHA512

    4fc2acbd9bfb019dd6a74661927762c0bf35c2a5f1ca1c79caef7b2f90ef9e40922ac69da894459b3b8e7c5e86a852d02bf77264dd20048d75c15d8fcd96be7b

  • SSDEEP

    1536:L2zJOG4k4hiLb7V3E3BVOsLjwbIhkJjHFq8tRSk3dux1L6io39ruBD91/bIiWd1w:/hYEasLjw0hkJjH6uIHv69yBD91T1WdK

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c191880604622723d8c25d1a65be43f6.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2956

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    f2c6b98ef2cec79e4d570173876ca3f1

    SHA1

    f956aa0be5ddb96d303d9b56d32bbe374a31cd41

    SHA256

    8b2ca5339566d96273e4eb5090e2e826476ab72f80c80463438d3c592da3fdb4

    SHA512

    7a81df2fbdd6c66825b4208ab340b973d52efaf917985ec9f5d13667314f3adca998b0a0c66bfaba2aefed539f528eff5bbaea08621bb841c63aa5a7b96c05db