Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/03/2024, 03:15

General

  • Target

    d511afe100e38846103ddac6d4b83ad8.pdf

  • Size

    86KB

  • MD5

    d511afe100e38846103ddac6d4b83ad8

  • SHA1

    007c5911ddb3ef92a27a9e915a9569ec9ea0ecaf

  • SHA256

    7fe2cf735993b1f902c7a292c14f2a8032e0f26895aea4fc37536e7c5e76f49c

  • SHA512

    c38cb255d7557b531f434c12a0cee6a901438f3746bb34d3c60965a44b28fd80231b09172f7af77d65229467c258dc63a23cc9d3782d1c146622f8c45cfd729e

  • SSDEEP

    1536:QDl6Tw3mcB/oJ9bjSKxUHKwR6QeT1Md9KRt0Ktw69QlWOyITWRU9rdmM59YqWOpF:TmGdjSawJRyTQ9KRt5ycIcU9rE4yPZe

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d511afe100e38846103ddac6d4b83ad8.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2488

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6e9b07787d4c2f7576779eb5dcf5f56a

    SHA1

    2487251958a6718550dbbe8eac3fee16e6cd6dcf

    SHA256

    814ac1b7fb7a9c213e13b13b94c4f6cae12ca3b5399120042ccd1dc08e41797c

    SHA512

    8dc88c9bb1b2f2d207484dc8a0517a86596fbce7a9ba0f21b76be95c99ade826bf75bd9c4ef2d37330782c0a40da9afeb9c5ca52d691bebc9a3a18da56083902