Resubmissions

24-04-2024 21:04

240424-zw3ldshe7w 4

24-04-2024 21:01

240424-zvczcahe4x 4

Analysis

  • max time kernel
    21s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-04-2024 21:01

General

  • Target

    tickets.pdf

  • Size

    40KB

  • MD5

    3f1f1276b85598aa8fc8e5b1a477631a

  • SHA1

    38e75526ea5474f2febb0a11799c093401ab80a1

  • SHA256

    13753cffa0acc99d7c6c9c078e0395f974c1507b560a61922f34c98aa81f6135

  • SHA512

    df84ce0cc51fe85b5150abe5abfe18776ba9ada92169d5ac70160c19fa93ad07a34eea9213c592898fe0614764f7b5ed5f9d98ccfbdb73d6b88f1df10ed9ed46

  • SSDEEP

    768:8o0dSJ9kcvirF8w2teXzhrFQux3k+23qNoYqo9iETOF6QQnwS:1TeXZ2XJ6NLqoQWOFawS

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\tickets.pdf"
    • Suspicious use of SetWindowsHookEx
    PID:2756

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0d1bbd839dd75c48ad8bca03d234a7a0

    SHA1

    3f9a19cbf6d8ca78dfb0b5eb6dd1b843f69622ed

    SHA256

    27b3537aa19b324f7d5ba4b2674d951e9da1ab7b94d36a709d138134bb03bb05

    SHA512

    f5431b474b70e53f90e505334535214ecfe77e6b57961d652c898b5c18761ae9db074e741f497c5fa4a2d95733c80306bdcb209321d7777ee348b4d30b7c3f50