3c63458e1852a7125ecbc4e413aac9ab16dd73d4d0c20c0fd354703b7abd337b | Triage

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
22-04-2024 09:06

Sharing

Report Analysis Logs

General

Target

11600kg/605. tc_cb-gss_GSS-OCS-119202_20240402.pdf
Size

221KB
MD5

1840709dbef1d545fb9d3e230c91640e
SHA1

f41729984015ede84ad5a401511ef218f4633890
SHA256

cadf9a9a76f54cb59e24cd8aa2d1510aee26af725d23e8d59b6ed4620b4379e0
SHA512

f1debab78a7028a5adf53799d0663b17b74cc37702f0fb5f0171878ac5fd8aeac9fcb2cd6e5e2844144f655412b0a58382fc35cb9ed5ccf1060ad026a1ce89bd
SSDEEP

6144:++gYrmTv489zupodfgjOvALMsh/OIJGFc:vgXTrzVdERd

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

2360 AcroRd32.exe
Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

AcroRd32.exe

pid process

2360 AcroRd32.exe
2360 AcroRd32.exe
2360 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\11600kg\605. tc_cb-gss_GSS-OCS-119202_20240402.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
9e3186f2643bf3bec469f44e81e7b458

SHA1
53cd195efcb780f96209ea0234712d144ecdf71c

SHA256
7ff80ffbf1b1a6725adb8e70bbfbe013c2977c38a06f460f2a34b430c383fc07

SHA512
77f68b1f5f35e7dc1ae8ac280957e39fc63bf2ac416bb901c2a24aa8153d8b07680a615f60ba4d10626467a9c28935bd626a09ee3e68e889bfcb34c96f0ab171

Download Submit