Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-04-2024 02:38

General

  • Target

    5622250899 -042224- 5990523149(Medialoft)‮‮‮vaw.pdf

  • Size

    22KB

  • MD5

    5fba5988cc217c69f2b16fef613bc3d3

  • SHA1

    86fbce7fad5c87814784f8926f7129e86de2f3b0

  • SHA256

    887bad333eae6d0a96aa9e710d3396acafead27df3da468783836edccf93b057

  • SHA512

    8bc5a0f348eb683ec706c0fd97563f62951a7d39e6e3b561299d92a0df5aec2dc033b70f40ec3427eccfa7c7a0f089a13cc6e47fb5988e9589b0aef940bd7352

  • SSDEEP

    384:SSdGttjC+3F3u1NzwI4pn6YZqyEoUXml58eCUSMFqrWQD8fxbSQrCUSVp:latu+3F3u1Nc3NZ9EoUXmllarDoFD4p

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5622250899 -042224- 5990523149(Medialoft)‮‮‮vaw.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2280

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d83aae2cd861424960278d4d7ebb1b25

    SHA1

    b0658b48ef10013bfbe03e32edfdd44b88395da0

    SHA256

    a2237cf649647bada0e630813cee1e655952c2d1800d53fa0b57414491723a10

    SHA512

    f3c4f94d6ff03aa084e4eb89c6b73536a524670aaebca917f1c84f6af6e651c5c88fb5c8a24c0b3916e7d920e9343d7da4aa59ac95f4ee3ce5e33a1c600ea9d2