Analysis

  • max time kernel
    65s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    05/05/2024, 17:37

General

  • Target

    McDonnell Douglas MD-80/X-Plane MD-82 Pilot Operating Manual.pdf

  • Size

    10.7MB

  • MD5

    f2c327db933222b3c8e39cc577e86274

  • SHA1

    fbb8e8f6425c12e04e3b331179eebfaac2b6b2b7

  • SHA256

    7d02a3b417be6e8c4157659cdec45a20fedd44cab05ead91bbb819be7a696120

  • SHA512

    8c894eb00513c4c7a1b7ecd9f93b8edfc4b2d0f2053e54124bbf63f5cd66eec6196561d3700277d82437bbf57d1719f3e751bdd5d0dd9c6c5c163f41baab4f7b

  • SSDEEP

    196608:/IXRjmAndmTnF/uttQqJ2tw+WIoWF4MRGQQJbhVI7Ig4CG7hMP9KevW:gXRjmAd/bmxHZq9+vW

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\McDonnell Douglas MD-80\X-Plane MD-82 Pilot Operating Manual.pdf"
    • Suspicious use of SetWindowsHookEx
    PID:2884

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          f0a375f3707752b3664e0e3880940996

          SHA1

          582fcf0bd3a15309155bd934372dac5324681591

          SHA256

          eb825d9640cf287465bce09e7229a887081211ae8b72605cd485333df47dbc42

          SHA512

          3e4a88dcf332c5c2ec3d456f7595839247e8bc357fbdd702ac5c62dbce1bdfcd0c0c3b5fb759ac544fbee93501faa667d772bb06c103106b6169bc9fdf6226b5