Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
29/03/2024, 02:26
Behavioral task
behavioral1
Sample
c7452ee8df5fd7e53330924c2e80f95662b6657e557bdfd11893944fbb95f771.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c7452ee8df5fd7e53330924c2e80f95662b6657e557bdfd11893944fbb95f771.pdf
Resource
win10v2004-20231215-en
General
-
Target
c7452ee8df5fd7e53330924c2e80f95662b6657e557bdfd11893944fbb95f771.pdf
-
Size
1.3MB
-
MD5
deba523f5446473dd740bb96351efe0c
-
SHA1
7f1bea838ea4cafec60f54606258945b0d962bae
-
SHA256
c7452ee8df5fd7e53330924c2e80f95662b6657e557bdfd11893944fbb95f771
-
SHA512
7e664a3bc9d0ccd34e2ba7af1c71bc530d2abca1320d8322bbf3fdde5bbacd23660ee2e3d8ebe1a0d92458d3a886f5ef7eccd69e909d537907e7c98d02c5c3e0
-
SSDEEP
24576:rv+4c0wn+DwnTGkxdeNYL238PgcISBurTEYPdQ2/xDH3GGfm+BYVB7RVSxMzrUjo:JHynTRS8CigpSBYTZPdQ2B3fm5VSivUk
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2744 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2744 AcroRd32.exe
2744 AcroRd32.exe
2744 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c7452ee8df5fd7e53330924c2e80f95662b6657e557bdfd11893944fbb95f771.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2744
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5
3fee24260d53be400a241d8eb57372fc
SHA1
1eb7d702e93077ecc10c79e480fe66bc872e6761
SHA256
dfdea1c142ec1cee7dd5e84182a80ac14ac9a70bf7d2b7e6ee5642b7b604b7e3
SHA512
0ce689aa62ba653c30f8acd2570134bb99c6e9783691f184e4510acbd11a487156c1680438e80de6cd0edf8b798847766711d36fecaae0d157ca8c35dd2140a5