Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
28/03/2024, 19:19
Behavioral task
behavioral1
Sample
3cd7fd5047bb91bbb4ea476b2c6397dcee72292666a6b98b20fca2fd474fec21.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3cd7fd5047bb91bbb4ea476b2c6397dcee72292666a6b98b20fca2fd474fec21.pdf
Resource
win10v2004-20240226-en
General
-
Target
3cd7fd5047bb91bbb4ea476b2c6397dcee72292666a6b98b20fca2fd474fec21.pdf
-
Size
125KB
-
MD5
35787171bad13f4472b26cd21863c98e
-
SHA1
dd9ed4fee27a0ae96260989e559d14e729451286
-
SHA256
3cd7fd5047bb91bbb4ea476b2c6397dcee72292666a6b98b20fca2fd474fec21
-
SHA512
a9da7471ec99db119126a9f66383e5e1e3fd6eba9a1e4237407771276016e9755a3f029a98d6f251fe8a8fb6f71984192c9eb077914fcb9dc2eef54de36333dd
-
SSDEEP
3072:RHj4Li56CLq0XahjnvBmH7mmjZmfbQ+oS:R8LXgKjnvB+m7fbnoS
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2304 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2304 AcroRd32.exe
2304 AcroRd32.exe
2304 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3cd7fd5047bb91bbb4ea476b2c6397dcee72292666a6b98b20fca2fd474fec21.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2304
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
8cf638994a85c78bf8b971bf6d27e6e2
SHA1
cef80b39b8fc7bb8e3e72733b7a7d69359ac895c
SHA256
623e998cf0debc0b8b0efac23a31b7b4069179e49c6d72be3cbdb2003e1adbf9
SHA512
a00f82a907b8c2f8dd06145e3a4fc12ff50c43b3d417fab58da058752690d45527252d927424ed550e056c47a5f26881ddb891e7c9e3f569c8ad3ea2ac7a19bc