Overview

overview

7

Static

static

3

(03) PDF R....2.exe

windows7-x64

7

(03) PDF R....2.exe

windows10-2004-x64

7

PDFR_Print...00.exe

windows7-x64

1

PDFR_Print...00.exe

windows10-2004-x64

1

PDF_reDirect.exe

windows7-x64

1

PDF_reDirect.exe

windows10-2004-x64

1

Stamps/APPROVED.pdf

windows7-x64

1

Stamps/APPROVED.pdf

windows10-2004-x64

1

Stamps/COMPLETED.pdf

windows7-x64

1

Stamps/COMPLETED.pdf

windows10-2004-x64

1

Stamps/CON...AL.pdf

windows7-x64

1

Stamps/CON...AL.pdf

windows10-2004-x64

1

Stamps/DRAFT BLUE.pdf

windows7-x64

1

Stamps/DRAFT BLUE.pdf

windows10-2004-x64

1

Stamps/DRAFT_ULH.pdf

windows7-x64

1

Stamps/DRAFT_ULH.pdf

windows10-2004-x64

1

Stamps/E-Mail.pdf

windows7-x64

1

Stamps/E-Mail.pdf

windows10-2004-x64

1

Stamps/EXP...rd.pdf

windows7-x64

1

Stamps/EXP...rd.pdf

windows10-2004-x64

1

Stamps/FINAL.pdf

windows7-x64

1

Stamps/FINAL.pdf

windows10-2004-x64

1

Stamps/FOR...NT.pdf

windows7-x64

1

Stamps/FOR...NT.pdf

windows10-2004-x64

1

Stamps/FOR...SE.pdf

windows7-x64

1

Stamps/FOR...SE.pdf

windows10-2004-x64

1

Stamps/INF...LY.pdf

windows7-x64

1

Stamps/INF...LY.pdf

windows10-2004-x64

1

Stamps/NOT...ED.pdf

windows7-x64

1

Stamps/NOT...ED.pdf

windows10-2004-x64

1

Stamps/NOT...SE.pdf

windows7-x64

1

Stamps/NOT...SE.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2024, 03:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Stamps/EXP Business Card.pdf

  • Size

    23KB

  • MD5

    d5b51823d83ed6363df33b152cc2453b

  • SHA1

    3864ff4d2b44b4022f05229cb37cdfef871c7436

  • SHA256

    820ff2f0a426f7bfa6825c787e4e2ad559d155b3f811bf9b2a47a1c8b5bc193c

  • SHA512

    75bd7366c11b29222ad6027a031d72cb4e0e18b103a72f1fec4a67d728b82463cfd3facb5bd0e7a69a14ee2032aa2f0c0596602cfe621db3a16914b11378c509

  • SSDEEP

    384:+mOmJxt/YbqYX9mm7JjQQk1y1/B1FrgHt+DXY9A87f5iyK79vPb:5OwY10mlQQkE7LrgN+DXY9A8zgP9vPb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Stamps\EXP Business Card.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1812

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    06f1ea6ffffebb96d19ba45013cfe34c

    SHA1

    52ef70d51e751b20d8ef9621880db6f098b99da4

    SHA256

    281047d1cfadc183a5ac18daec1de49a4c2e24d57da65bfab406251f90fe34bd

    SHA512

    7118ddaea1a1f01726efdd2ab8fad52a316101efbfd871f8121297f8c78e220f766a497c2e233077ceb375d63688bf4c65ded3ad60d1ea9862660beb1aec8383

    Download Submit