Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    26-03-2024 17:13

General

  • Target

    dfaf3860490c9d0afd983535b94c143c.pdf

  • Size

    45KB

  • MD5

    dfaf3860490c9d0afd983535b94c143c

  • SHA1

    5ea613311acd7f10f55338b1a47e069e21859d84

  • SHA256

    2f6208f159cf7a11d717caa215859676db8309871f830a86c59c93bc6d705431

  • SHA512

    b1254bf34d6f37aa7a0c6196aacb4cc4289d0856a355bc73336858326d84597617d7be91bc8ed742f2441c0fa837cabb03128264d44303d5f18713ea35dbbc11

  • SSDEEP

    768:oAwi464vwT2RetghcyyJ2xR459WezWKUS5xN3RBc307lfIZRSW7/edpm:oAwrtwT2RetghqJ2746CWKZ33RBc30ha

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\dfaf3860490c9d0afd983535b94c143c.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1692

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    866f837a32bd98d66ad687a2e8b85401

    SHA1

    519eb85b496c0067df63adfa68fdd6d52338d68b

    SHA256

    789d2b68a6a41c893ff000eb83ac51884a3354886589fb5df49c8d9e8e020290

    SHA512

    a91c54b41f638e8233edcb6fc138c32bb9893acba529dff5ce63b26fadef504068facbdb16d31ba76c4e9a9650738f41a181de2a85064eef5aa6a181a22e5b7e