Analysis
-
max time kernel
150s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
23-04-2024 11:40
General
-
Target
lzh5_20240423_121936316.pdf
-
Size
175KB
-
MD5
31ea611140f31ca1a190dcf9117ba36c
-
SHA1
072a1b730f3a097dea00f99f4490aba12a0cce94
-
SHA256
105839e78efe93dda0ca8f21cc7341d7229539327a24ecb5e8686cdd13b96d75
-
SHA512
ae79cbab134bf143a346b62a23e9ba5472ddc5b14200e3f79330ba13296c53318408b814f575fcf11eaa64497a62acbf38315ef2198e0b89c4454f78c0dd0606
-
SSDEEP
3072:DzWexzc+tNaUW9AFlNmI2VrMau2lU68F6GCwznhYU2JUUmG+pdBBTP7RW0/MLvbz:DCexztat9AFlNmI2VMaPU1gGv02d/FW1
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\lzh5_20240423_121936316.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEventsFilesize
3KB
MD5da12f2b4b70ca21d386ce3a942cdf5b4
SHA1900dd5dae3838bb59f41b38d5fb7e3006ccff7b4
SHA256ace4a34c5a1995e371d9c9bd716e782900c3dce0fcad2641df71b7e6aab93590
SHA51299d7a3aa2a5ea0f4fbed0f50cc8dd77fe36cbf5a4fee3c5528dbe9897bb05e1ab73253d06e78dad1c0eedef2c7ade168f0eb5f0e8b3467f4b5bd4556daeb1958
-
memory/2792-0-0x0000000002980000-0x00000000029F6000-memory.dmpFilesize
472KB