Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-04-2024 11:59

General

  • Target

    Commercial Docs/COW - Permit to Work Procedure.pdf

  • Size

    714KB

  • MD5

    2074418e7fdf85f62b117f6f308822c4

  • SHA1

    bb7ee7acf1c3a209b059f5def5e7b3997968dde8

  • SHA256

    8249ef4dcd5db99afe9c2aea20800907671b1804d7a2706a549a63f3ead34c28

  • SHA512

    98147f318af3f99d83eaa7e735db998e5cc9f9c34c350f1e704d7be78a184c532e24b37c76b1217a4fec31172e736defb394b6b5a317c7551fea3d72b8f6b57f

  • SSDEEP

    12288:Ap9JbAT6f/ARd5eaa5nyZe2rCk6ikj6Ct2XWZg5mecHB+NqKaiKGKfcZbJABAJc:Ap/Amf/ARdVa5ywOCCOP4XWZgc+NqziS

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Commercial Docs\COW - Permit to Work Procedure.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    b3fd1a783d31a1a1283467da92beb081

    SHA1

    90375606b931abf572177cbc15d5b0eb9ae422f1

    SHA256

    b5cd5a9f79e491b7bc592e3f9327d5d2d483025abdc0608758639af8a3e89488

    SHA512

    14094e54cec41a96665e364bd244bdb2f607beaeb54ec9ba47fa813dac27ff0c0f14cb5502a7f74608036c53625cb5a592c81a43e4afd5673599b6aaded447ba