Overview

overview

7

Static

static

3

(03) PDF R....2.exe

windows7-x64

7

(03) PDF R....2.exe

windows10-2004-x64

7

PDFR_Print...00.exe

windows7-x64

1

PDFR_Print...00.exe

windows10-2004-x64

1

PDF_reDirect.exe

windows7-x64

1

PDF_reDirect.exe

windows10-2004-x64

1

Stamps/APPROVED.pdf

windows7-x64

1

Stamps/APPROVED.pdf

windows10-2004-x64

1

Stamps/COMPLETED.pdf

windows7-x64

1

Stamps/COMPLETED.pdf

windows10-2004-x64

1

Stamps/CON...AL.pdf

windows7-x64

1

Stamps/CON...AL.pdf

windows10-2004-x64

1

Stamps/DRAFT BLUE.pdf

windows7-x64

1

Stamps/DRAFT BLUE.pdf

windows10-2004-x64

1

Stamps/DRAFT_ULH.pdf

windows7-x64

1

Stamps/DRAFT_ULH.pdf

windows10-2004-x64

1

Stamps/E-Mail.pdf

windows7-x64

1

Stamps/E-Mail.pdf

windows10-2004-x64

1

Stamps/EXP...rd.pdf

windows7-x64

1

Stamps/EXP...rd.pdf

windows10-2004-x64

1

Stamps/FINAL.pdf

windows7-x64

1

Stamps/FINAL.pdf

windows10-2004-x64

1

Stamps/FOR...NT.pdf

windows7-x64

1

Stamps/FOR...NT.pdf

windows10-2004-x64

1

Stamps/FOR...SE.pdf

windows7-x64

1

Stamps/FOR...SE.pdf

windows10-2004-x64

1

Stamps/INF...LY.pdf

windows7-x64

1

Stamps/INF...LY.pdf

windows10-2004-x64

1

Stamps/NOT...ED.pdf

windows7-x64

1

Stamps/NOT...ED.pdf

windows10-2004-x64

1

Stamps/NOT...SE.pdf

windows7-x64

1

Stamps/NOT...SE.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2024, 03:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Stamps/CONFIDENTIAL.pdf

  • Size

    6KB

  • MD5

    3715ac43f4db3c4ffdead812334218a4

  • SHA1

    e1818bfa30fc53211bb17a72dea6f29b2959f1d8

  • SHA256

    8eb01a010b01d55d59f906b9fa63e9e8e8c1cb73ed36cbb2800983e7b72f8ec3

  • SHA512

    dc997e97ebadc152b6f2c5743db51d79e82ad9c002ff23f0e8790924a174a1f9fcd110dde5692dbe113926aadbd6b87c4ff4b784d2df6ff9ba64161510623293

  • SSDEEP

    96:ldAjFj4TzkqS2lFoc74TZyW/84pW/flY25Vzb4M5fFm2z77/qLHJG:7A2XY4oc0T/8wW/fKKf4MGgh

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Stamps\CONFIDENTIAL.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    30c9477f2785c021a1fce0f5f835ea74

    SHA1

    1d8d794e786c7c164ad7db1769bd6aad39371ce7

    SHA256

    235e7e77bbcc8a3b0219dff94635a091f758f376832751d9ee4b0ba02f4f6c6d

    SHA512

    2c5015c6b016c79e9c980a7b3a5557783025cc79245c16a246ff68372645780dd43d02359a495b2ef3e39a0057e90ab115bc8c4ae7ed66bc44eef76cdae29097

    Download Submit