Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    08/05/2024, 20:27

General

  • Target

    3f77e9bd54571d960c2a0eb73ec443c0_NEIKI.pdf

  • Size

    377KB

  • MD5

    3f77e9bd54571d960c2a0eb73ec443c0

  • SHA1

    bfd4c5fa5efdcc52374c14ee077542cb11f24579

  • SHA256

    f76d5da38f4994a3981ea24504911ad34cc462ac8dfdf0816d7d130c80f09b5e

  • SHA512

    0db88852bd031a66713dafe72cb6b2346e88a7eeadcc61523258787214cbadc9b48b374da8de394d14a1dfa568bb6eee8000d9c1c77fcfcec31929c1c03a8807

  • SSDEEP

    6144:vvOG1WA2yXuteuc+bb5LroAarf2neTGdnFJps80pTSvR8oA72jUWviURmd2TfHMy:eGwA2y8euNHS6n1UmRY7DwjHZ8edm0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3f77e9bd54571d960c2a0eb73ec443c0_NEIKI.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2276

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4374b006e3a6ef5a30b71cc17463af42

    SHA1

    640a87d6afd0757f88cd72603881b3c4d516bafc

    SHA256

    1dff94b62d58fecbdfa384b88ea05620c783b4c30a5666ee85d06b1604d69de2

    SHA512

    2d7c8551ca927eea7180f3f3e35c6552349341736f0eb47bb353234f1bf42f189cce4c8e6ecff6e5613eb870108ed901a319173a01149008ed979915c6245845