Overview

overview

3

Static

static

3

Material.pdf

windows7-x64

1

Material.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14-04-2024 22:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Material.pdf

  • Size

    350KB

  • MD5

    72c812cf21909a48eb9cceb9e04b865d

  • SHA1

    2dc265f23be4cf7cda328bdf5826601cf4f4bf43

  • SHA256

    39fb927c32221134a423760c5d1f58bca4cbbcc87c891c79e390a22b63608eb4

  • SHA512

    dd246487f348dbba52c7dfaae3f943b0324414c182e0de862db7d23e82ab5362c21b8733cf84af466529c631938fc544d96d78c51ea4330877993e9da7e5cbd3

  • SSDEEP

    6144:zB1De0g/RC7lTqMAwraJOZMtXEHJGPSgwsTx/xE99jvQrZqZDxlK0oZ9TK2A6CO8:6+lq1wWAZMtUHJGPksFJYtdlK5TXuWM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 32 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Material.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://a.pomf.cat/hgfetb.R11
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1276
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1276 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2520

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48c824d4b3e58b6851eb61a7eb8d95b2

    SHA1

    9d35a4211857a5aff349c12571bd654296aa20ae

    SHA256

    47e90198b7c8985667859cfbf439d9f8bc7bd07e0f39396213757e6e2beac3c7

    SHA512

    042f2654c1450500d9185a666d53530e1a2cd69c7b07db790a28ddf553c6907436c4ca7afb9b8e25827ead45b730012b4b14422b6f8f393b16af9761cf84ecf2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0946f1c5652bbb101f0be483e0ca1bdc

    SHA1

    973e9ba02b3a9a9e4bb70c701c0af39c7995c026

    SHA256

    2d491fd44f3d9160034aa32abeb847fc3c6d5de637e8c15b44fc96c0a5d010f5

    SHA512

    d6e9c2704890f5b003133cc3488290ec77dcd2dd2443c36066f6e2163140899a97ccb926ec2dd8172a018e21b50d0655c53b1021fc0d40357e00b3e7ee861dff

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    696e3b3e6182b5fe309ec4b07280e80a

    SHA1

    597d2a36058bd7aaa3cb3f6bbc5523a323537d8f

    SHA256

    3ea26a65b417bd3e98d573c949ba85d7a79257820880bf669186d9fa05862da9

    SHA512

    2d971d79eadbbe1e12a20f7e4a802b65eb117b300aa712ed68b70814606be31a6a7c12c42cecbd94fafabad1a6e99598b70865e38747cd9844ee600f248c5fc2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    606d625f40afb53339f3ae7d05c7ee03

    SHA1

    f1391390821b864e22d32b93771a6650c3c2efb5

    SHA256

    519a6e6081d5cef033b69523c6c0ef89da9982508322517b6e5a5eca83cc4015

    SHA512

    6cb689a56686c1a4633f4704c97e0a63dc5c51362ed1548e58b72bdeebd9d1f4970194b7cdfc0669e1c1814977610c7abff6dc8f99065fd62948beb9ce9528fb

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ad2f469349f51f4333a6c175def537b

    SHA1

    504124fbf7b2c02d48d3cb8fc54d1acf76e0f55f

    SHA256

    72bd2be1d521dfc982004fcef058990bd4d49d98ca07bde2d536ab08cfd51519

    SHA512

    2f07ad6e2512095fa89b29aeb6f800f86e8387606cd5e97501c58ff6ffc1652421a6ff586b48c04de96eea9aeea51ac9bd0aaba7a93cb50b1fef345dfe0b013c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3d0dcba3d62d7fe50329a16e0b44598

    SHA1

    244600e095d4c3ac0306b095f80e9dc3f6fc5c4a

    SHA256

    1e020d301d24d780af809c3d5d864b63a6638b9ace79c67d183b5674cf30a80a

    SHA512

    ae3fe4a6618daa43fc212021cac5358d6abc16a519a6797cca478e33b0c7bb5697147f1a43b7651d8ab246bdb0cd9b34ecb273ea20ce65fa7fbe2fac65190c1d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc20ef716b17d2822ed2721e167016ac

    SHA1

    3b31f73a3c57a65d706870ed3bdb02d04a543bf4

    SHA256

    60bc281ea6f55839691d74b48c27e5a22e3d71c3d86aca53f3e62e5058215d72

    SHA512

    203ec1931e7ee50a6aad7bb2ad913ebb8d2bd36cb57ba6cb5d0b11f330cd028245b710f89d481fa8f0fbb5568b2d5ba53fc6234e9f5a32138646f87f6d30adb8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a7e69579619a49e2072ad9b0e554b4f

    SHA1

    8e0c9c13f8ab4c9ff9987d539a65f2f58847ec94

    SHA256

    5d7ff9216e55ec203c3c10126a19d5c30bc6d289c12c51ff9783ada1ce157788

    SHA512

    bb0953193ee27619fc5bd0f3af2f353c30fdc9184e5301e70664ee40f2e912025c97a1551e4fa91447ce826b3b302754f174876456220fa7e714ce319b5149bd

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7091594054e4ccafc870d1100520e53b

    SHA1

    54f55ec567737a5f1b68d19f54af8a2e829b2716

    SHA256

    74d3c124039348011f51ad9e569d76e866cfc79ba8ac6a1375393e49c6f4280b

    SHA512

    9c76808cee2bf1ca864ffdd554063d9d80955157e2554154be682bfb77f62b1196bd92ca32cda1e6adfee1c3986e753bdd6ddbdbfa4b0ccf2ed4c72fbfdcfd19

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab8D54.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar8E36.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    3e915a8cb32492c6ea99780f63f92261

    SHA1

    f91e5c16f88766363fc7cfbe00bb492aef6277f1

    SHA256

    e84db533f81dd15b2ec7c07b1d32cc3fd9159daaa0790104123dc1d53709ab71

    SHA512

    9aba82791f10d9975c39d6ce966dbbcd2efa592b71243a3f059c0e4bcaf209ca971378e08dde6c5f4a7bbac16fc6e8c0d25d40b52594147a1bc7bd68b98e67cc

    Download Submit