Analysis

  • max time kernel: 120s
  • max time network: 125s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 24-04-2024 11:59

General

  • Target: Commercial Docs/COW - Lifting Operations Permitting Procedure.pdf
  • Size: 548KB
  • MD5: 2fe1cb03cfc0e23b6067125d5b671699
  • SHA1: 6dff8fbee105a2ea26a83301293168844e86f950
  • SHA256: d8281273184b32e54d8067f6e323553dad2cc5b67ce0580b454fcead2359767c
  • SHA512: 143f85d8f09b1c76693447ea05083ccba9fdb3872783d95c9d2e58b17f0224b77928027e709eaa24defa9609b1f4767699ecea3bd15cc91bb2ddbb3901a2c4d1
  • SSDEEP: 12288:Z8UiOlH6PxjS+EzqihXqUU3DC/1od+e3Feso6GtUEAegkVXd0jRMgZC+yMkEhlPY:K/OlH6PxjS+EzqihXqUUTC/1cn3F/o6G

Score: 1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (PID 2328)
    Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Commercial Docs\COW - Lifting Operations Permitting Procedure.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize: 3KB
    MD5: 68190021dba627c2bf6651ea8a0ee7b9
    SHA1: a119318b7ab1752280d45b23ec161605edcf4211
    SHA256: 8ac4574094d49d2cba439d6d9612190484ec766c07c34089903809754d947d86
    SHA512: 685025aaeb44a3636fd2f747d957661b157a94ae42bcc5b8e66c2df117f753ded59987b779cda4440c541a42e579b458bdcfe4ab1e5fadf109fbaaf9e0fa82b8