Overview

overview

4

Static

static

1

东明县�...��.doc

windows7-x64

4

东明县�...��.doc

windows10-2004-x64

1

东明县�...��.doc

windows7-x64

4

东明县�...��.doc

windows10-2004-x64

1

北王图�...1).pdf

windows7-x64

1

北王图�...1).pdf

windows10-2004-x64

1

北王图�...2).pdf

windows7-x64

1

北王图�...2).pdf

windows10-2004-x64

1

北王图�...��.pdf

windows7-x64

1

北王图�...��.pdf

windows10-2004-x64

1

北王图�...2).pdf

windows7-x64

1

北王图�...2).pdf

windows10-2004-x64

1

北王图�...3).pdf

windows7-x64

1

北王图�...3).pdf

windows10-2004-x64

1

北王图�...1).pdf

windows7-x64

1

北王图�...1).pdf

windows10-2004-x64

1

北王图�...2).pdf

windows7-x64

1

北王图�...2).pdf

windows10-2004-x64

1

北王图�...3).pdf

windows7-x64

1

北王图�...3).pdf

windows10-2004-x64

1

北王图�...4).pdf

windows7-x64

1

北王图�...4).pdf

windows10-2004-x64

1

北王图�...1).pdf

windows7-x64

1

北王图�...1).pdf

windows10-2004-x64

1

北王图�...2).pdf

windows7-x64

1

北王图�...2).pdf

windows10-2004-x64

1

北王图�...1).pdf

windows7-x64

1

北王图�...1).pdf

windows10-2004-x64

1

北王图�...2).pdf

windows7-x64

1

北王图�...2).pdf

windows10-2004-x64

1

北王图�...1).pdf

windows7-x64

1

北王图�...1).pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    07/05/2024, 09:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    北王图纸/3-2、板桥-14m Model (1).pdf

  • Size

    485KB

  • MD5

    b22568d052b9e9849c6bf797bdebe86d

  • SHA1

    05e079e9a00a64cccde5a88508441148d3eadeda

  • SHA256

    2f309c6df431e9f05f9977752f1d217da5799f96415e929f2bbfc389a684e4f2

  • SHA512

    2f5f8f2e659f478a06794c4b59aa3f07524585bf5897f6ae0dfb0727a38425cd70fa623804a26f12dfa550e8ed13efcf8cccea859549d6aa42ae4ecc5b681cb3

  • SSDEEP

    6144:wR+2cwD22q5qkxFILsGqcmvJs9ER8fFDyBD8BmEHpbud3aWfryVKliSUPPxJ4hE5:i+dskxCLsGqxvQfFmBDgxoPQr4OdpN

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\北王图纸\3-2、板桥-14m Model (1).pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2416

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    75f42c0afbf3ee4b149179f774bab293

    SHA1

    f39c36757ff323ac2bee05fa9c46361ba6ae5721

    SHA256

    d1f85f68beba47b7331498f11164e64bcb4989ed5dffbaba85b3209d63c584cd

    SHA512

    aa13de95e277b51f6220ab972c4347ad29fde5de01aa09a36d17cd6caabf66115a5b015d1c41b447d4da06b90d5afd464d1d3391d338871d943fc61187c23374

    Download Submit