Overview

overview

1

Static

static

1

358a8d8ad2...KI.pdf

windows7-x64

1

358a8d8ad2...KI.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08/05/2024, 20:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    358a8d8ad205f5872a542c9eeff22260_NEIKI.pdf

  • Size

    229KB

  • MD5

    358a8d8ad205f5872a542c9eeff22260

  • SHA1

    7f428011b012a383eb6047e49f5fe1af3e2eada5

  • SHA256

    2047ad12066b7c85f9dfd8bc141c259e94284396dc0df17efb70ec43c4d3a8c0

  • SHA512

    98d6d7f80f23cc5f7bc8675ba3cb26feba4cf7496f1835ae159c2407deeaa72c37899abd331ba172768982de42362ecfd104712ad219f06d1bc4ec41285a85cc

  • SSDEEP

    3072:ejzLbgAKIG2VjYz35ddVREeqAORe1W4nNnD6iGQ:ARSThVR36RFMnuk

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\358a8d8ad205f5872a542c9eeff22260_NEIKI.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c12a227fe0ad637cf1e52bf6d8d0b9a3

    SHA1

    df4a9fea7912149391fe12dbaac73739a9e5cf87

    SHA256

    c6d6cfaf069c90542d811997f8b283d8b357f214eb1e4bbb4832e99e6fda0f73

    SHA512

    fbe5cfe31d0e52ff88bd6f058a8be4d348202f2f6683dc8ac54c896b2818469216be3db26fa2b6bf535e62493f34acca04a825595a1d272d9f84058cbf506ac0

    Download Submit