Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-05-2024 00:07

General

  • Target

    a6cfd95097cbdf59c85e8005bda47870_NEIKI.pdf

  • Size

    52KB

  • MD5

    a6cfd95097cbdf59c85e8005bda47870

  • SHA1

    c18809d3751883ea4af2e956e9b12307cc0092b7

  • SHA256

    3d35cb6fb1403268662e03021664dc05425bb8e548382b3715647492887431e7

  • SHA512

    0cc05d263db1048fbc08f2b426dbc0d5491995dc25ec1219cd0ce82577747bd972f9b5eff1d129edde7e56c3ecdb454566fda5fd645973a741f2a7be79fb477b

  • SSDEEP

    1536:TlP1bSVpgBEW0lvYL+n2l+wL4ziSnl+vtrbw:TfOvBlvYL62LL4UQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a6cfd95097cbdf59c85e8005bda47870_NEIKI.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b160dfb3329badc8db1fd352e5de0581

    SHA1

    a5f58add972f5f21b2f23fa7feda3055cb6664a1

    SHA256

    9794c503774a2a9d8df43c8b61cf7fa39134b4b77e7396c0aa3cd5dd08368101

    SHA512

    cf44daf95b3910cb917a9f65973a76cda9149425247573c5c173bc8d39d7ac833cc1fa12a7125e1e1e98d4c32a0b81fc3ff42369196af6d19509e5604e408f29