Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-05-2024 01:12

General

  • Target

    b8f7788bee7b24ab4beeb3096c85b6c0_NEIKI.pdf

  • Size

    397KB

  • MD5

    b8f7788bee7b24ab4beeb3096c85b6c0

  • SHA1

    4fbf0ae5646439adf9a2926ec01d93c97d38675a

  • SHA256

    be6efdf5ffc65c99effbe5ee068e5644e2a186aede6a86bd49b8d4a8ae27bf61

  • SHA512

    96465f411af7b0cee4ef6fab61642da5e48688438c2a85d6e3e42282a756f9860535aea30c625a0c0df7d069bd7f8e678613c3df59a3d7a173a11bb8e97a3b53

  • SSDEEP

    12288:VhF5Qj1WNeheb1Hbt6s5N+bqKwLueAdOtKO+5kQd3Q:Vhfk1m1J6sIquFY3+5ndA

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b8f7788bee7b24ab4beeb3096c85b6c0_NEIKI.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1980

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    5574f46459ab1667aed96da42ab1e3e8

    SHA1

    198b247e3bd2bd161d402c2ce83472b17602e4aa

    SHA256

    8e93e6242d725e513b7641e16608499e5867107e96d979517ffcb17ad4789b57

    SHA512

    1de182106926affb5eb61adf11f6a77d2aa580d67890e98699f3cd28b860cc92e7a2561e26c6d4f075fc5c2756916b2f84739eb40a3ba7075efcfd39ba6c6864