Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    08/05/2024, 23:06

General

  • Target

    8e905e5905fdbd40e64f146cb656c490_NEIKI.pdf

  • Size

    53KB

  • MD5

    8e905e5905fdbd40e64f146cb656c490

  • SHA1

    dfae436e6cdff128e1c4c14be28b39dbf60e5b7a

  • SHA256

    b6b55efd2019cd8f1e7417a2e897b7fd67948e6817c15665db9388f9d87f9c8b

  • SHA512

    0099f143ce796941beb3a14a4ce884f2cabe66b24fb8688189a84f135591c70386d0d993951323f65a875ed2c04dfcafe6cf45a2e3f5ebda16d983e19065be02

  • SSDEEP

    1536:+p/iWRii6AARZNrpGZhSshutsNcBZJmKBOHozX:fW8i6ACNrYZhpTyBZJnOHg

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\8e905e5905fdbd40e64f146cb656c490_NEIKI.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2512

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b4b1c484b08b425227c69c3bcd34afd8

    SHA1

    34ca864233d50f297b910a9eaa094dab64f28f85

    SHA256

    7352d52357dc3c532651cd181a610f8894ae39bb3002569f5dfb3f04e25c1731

    SHA512

    f0661541a4da9bd69e3fffea190c4b9635ca54cbb0bbe5ebfd727566a64a8fca4700c4fa5055f32d188cedc58fa98c2bf1d51c9a07e9136a79109d8e68010d9b