Analysis
-
max time kernel
115s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
22-04-2024 21:24
General
-
Target
19.04.2024_Project Helvetia_Branded Residences_Confidential.pdf
-
Size
5.1MB
-
MD5
f4d0c3e29ff62d8088c6e439dda5630d
-
SHA1
b6f66e77138b83343444a0f3eda8d1b616086eb4
-
SHA256
43d30d0b43d24daf7d3f16f6d6cfd79168c5ac8d64146afb8d287b15e830ba2c
-
SHA512
31a01de6e3b44d436367611c64d3b7b42afb7b421e37069e6e0390ac28b5341642bfa8acb124c99adccb9acc5adb90af3e66ed236cdd18a40b61c6758c2fa5a6
-
SSDEEP
98304:+WBZZusQHskKKbY9gPuv7XL9LwJp1Vvn7zW9SpcBun/gW+1:+WBvusrkY9t7L9LMp/vW9SpLn/C1
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\19.04.2024_Project Helvetia_Branded Residences_Confidential.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD5ba027c0df7a59581edb40d5454da4447
SHA155ecf7c513f9bc53ecb6748934cae90baeb53282
SHA25660235cd11c02d32323880ce9ba873c4ff53bcf1bf9b1608d9fc12e0dc57f241e
SHA512eaca07dffe9187b0cb699bf1655b842c2af3c6c7c3493e78d2228d634cd41426beadbefdfbd2e85611392d39642076ca31e7ec957109e55e3da4cc41e5c8016d