33f10b1997adf04edcbe73be9edf21a8e24ef3c616dd8b72f8f21aa08d9f89ce | Triage

Analysis

max time kernel
121s
max time network
124s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
27/03/2024, 05:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

e0e8528be42b4dd051f583066070043b.pdf
Size

109KB
MD5

e0e8528be42b4dd051f583066070043b
SHA1

aca5f0603d2d32b56a126730f18c45b99d6ff9c8
SHA256

33f10b1997adf04edcbe73be9edf21a8e24ef3c616dd8b72f8f21aa08d9f89ce
SHA512

29d5c9e841a8498ac9edd61d78c0ac5eb94781bef7846b9db1f41aef2242eff833641ffac045eb12c6b50c2c7260e74239d71a7ed3ada683d84570ad308b2d9b
SSDEEP

3072:qV8x2nakk74szUqUSrzq/q2eiv2GXmn15EtA:qSAakk3zJUSn3

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2760	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2760	AcroRd32.exe
2760	AcroRd32.exe
2760	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e0e8528be42b4dd051f583066070043b.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2760

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
9e63ed302e17e2a1c0e84d5026f8a415

SHA1
af2f2b39d5da65629b6b7bf370ff282ca8a63f5d

SHA256
e5ea44730527ca4fad20d03c74d576f805c187fedd1aeb68d1196443b7bb8ffe

SHA512
c0a6756e8bba4c74d3f7f4ccfba7e784327244f0744518ab1b073eda0eba70c25980289d7674a8994134ae77bb4e9b64d241104c5ca73628ac304461b54fd860

Download Submit