Overview

overview

6

Static

static

6

Maryamcl.pdf

windows7-x64

1

Maryamcl.pdf

windows10-2004-x64

1

attachment.xml

windows7-x64

1

attachment.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    22-04-2024 20:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Maryamcl.pdf

  • Size

    33KB

  • MD5

    64b40196c197ef19c2504624ce99f309

  • SHA1

    034f9afed45495cb0ba470af819bd5d6ed00f9da

  • SHA256

    b7f918eff6dc166c1bc50a6576b832dbc4210aa16f246b33036c02f73108878a

  • SHA512

    ed6928007774fb9cbe3c21af895c39773353e4214f5276f20b25c0a46483f747b239f2ed6603e1348200935ca1989f385f10f83af0002a118bc0053962419394

  • SSDEEP

    768:f3NeB7mfFZVPfWkOQoN+r30VllEozzLKx1vlO8EMIc2BlzRT2:5ZpWrkL0Vl6Gz2jlyHc2rdT2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Maryamcl.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2884

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    fda0c262d1a4066f6f0d52ffe9def801

    SHA1

    1b1ef782c596bb1715d315648c800bcced1895b0

    SHA256

    0fad4303121bd832c1d2eb0cefa9f0bcddacbb3c4018125217bee31e03889ac6

    SHA512

    3e2a71cfbab4ad4d6f33b3e60c64c5e262dd2daa80b6578541bc9bc00c9272c54b0b9e474a7dba98b44923566fe34d39dc9f0453bfd0534f7213284e4c989521

    Download Submit