Overview

overview

7

Static

static

3

(03) PDF R....2.exe

windows7-x64

7

(03) PDF R....2.exe

windows10-2004-x64

7

PDFR_Print...00.exe

windows7-x64

1

PDFR_Print...00.exe

windows10-2004-x64

1

PDF_reDirect.exe

windows7-x64

1

PDF_reDirect.exe

windows10-2004-x64

1

Stamps/APPROVED.pdf

windows7-x64

1

Stamps/APPROVED.pdf

windows10-2004-x64

1

Stamps/COMPLETED.pdf

windows7-x64

1

Stamps/COMPLETED.pdf

windows10-2004-x64

1

Stamps/CON...AL.pdf

windows7-x64

1

Stamps/CON...AL.pdf

windows10-2004-x64

1

Stamps/DRAFT BLUE.pdf

windows7-x64

1

Stamps/DRAFT BLUE.pdf

windows10-2004-x64

1

Stamps/DRAFT_ULH.pdf

windows7-x64

1

Stamps/DRAFT_ULH.pdf

windows10-2004-x64

1

Stamps/E-Mail.pdf

windows7-x64

1

Stamps/E-Mail.pdf

windows10-2004-x64

1

Stamps/EXP...rd.pdf

windows7-x64

1

Stamps/EXP...rd.pdf

windows10-2004-x64

1

Stamps/FINAL.pdf

windows7-x64

1

Stamps/FINAL.pdf

windows10-2004-x64

1

Stamps/FOR...NT.pdf

windows7-x64

1

Stamps/FOR...NT.pdf

windows10-2004-x64

1

Stamps/FOR...SE.pdf

windows7-x64

1

Stamps/FOR...SE.pdf

windows10-2004-x64

1

Stamps/INF...LY.pdf

windows7-x64

1

Stamps/INF...LY.pdf

windows10-2004-x64

1

Stamps/NOT...ED.pdf

windows7-x64

1

Stamps/NOT...ED.pdf

windows10-2004-x64

1

Stamps/NOT...SE.pdf

windows7-x64

1

Stamps/NOT...SE.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2024, 03:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Stamps/NOT APPROVED.pdf

  • Size

    6KB

  • MD5

    d200cd4b96dd0c73525cbf7d7c953eb4

  • SHA1

    1a4a350ff5c23a8175214ed0db4eb05a7dadb929

  • SHA256

    15c80dbb1d8d99fe7bde382804492169d027b7e70d6ddfda817a7f1b3768ca80

  • SHA512

    80cfc433a2d9634b4a88738773ea3003b4d2f1a838dbe7459a22c6102af003c29d498ca79e9596f6dd502ab68d0d0135194c3a6212ae40d4de35855a40544e49

  • SSDEEP

    96:l1SWqLlXAZ/MmV/LY711FXPPHW/84py/OuqY9uv6TzDouac/feZXpETYcXDHIt:XqLlQZg5k8wy/jrouacM5Jc0t

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Stamps\NOT APPROVED.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    029b63d549cc2a695d42d43aefb9f314

    SHA1

    8b91a486b3713abda8eeb8eb6b404e4a8f420885

    SHA256

    f823e686ee1a107f5eb7b694863b5dbaf7723cea1734c95fe3d430d825fbdf50

    SHA512

    7e9610b014dfc49f792665f77496741f260c4cca06a7a575c70da26397a7a96cb965a9d3d3228f6be1d43d764159e0d11b207ba48de8456219c9c39a09a0213d

    Download Submit