Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    14/03/2024, 03:42

General

  • Target

    Stamps/APPROVED.pdf

  • Size

    6KB

  • MD5

    e80189805217c2895e6485c43dca469f

  • SHA1

    ef1728dd6c33be4dbc513d121aa6da354266c5d7

  • SHA256

    7025adb480253228d921d8375eb5c8c748904a6229783c2283964db2b71dae77

  • SHA512

    95f5391d6eac025efc44d5c1719fdedaabf93d32f72f40a25c9df97d2343cdbb87a642ad2e6f499ad5e4ebea037e6cca9ec929352ce5de464c0afeae230a7734

  • SSDEEP

    96:lBxFTRl1SB3Pba/PAOPpm3haBW/84py/N6XVXVUiF2fJusS3TTU7Hfes:bbTRWPOXBPAz8wy/N6llxF3sskzp

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Stamps\APPROVED.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2368

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    52473cc9fb1f2db32c9b21fcde354ba6

    SHA1

    480cdfe3c28e026110444605864ac5c8d017e0ee

    SHA256

    bfa91bb7074366bc2393ee5a99c8bcd28056f952c9b695424272e4e2cd42cb89

    SHA512

    c6fcfb412ffbbbbe4106aac44cd6e9e237494e68761d78c1b1bc1b5b1a4b2d018ee02ec0c01b30eb837db5e64d898e7130745f8cda7abcb7186b3bd4f9ad93f4