Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-05-2024 02:53

General

  • Target

    d5f0993d72a88ac164abb20958412e20_NEIKI.pdf

  • Size

    73KB

  • MD5

    d5f0993d72a88ac164abb20958412e20

  • SHA1

    9edde0032275af54360f095aaa13290a54ee4bc4

  • SHA256

    85f4d453963b611ef439e7a6009b183ffe6d3678f7db4438017783b49a421e3a

  • SHA512

    c86f99b601fdd62afd8f272fa2009b7cc197e6b540ffbc6b9c2c17ca57ceeef192ec763cbbe6d90d119ff62e6832c88f96d0766f87fa96569939f88366a5aa43

  • SSDEEP

    1536:NC/ZSVDp3bGa6hXiB6tmpANHVfpdnnluGjOLV+LyUcUY4DV:4hSnShBFCI1fpNlfeVlUcyDV

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d5f0993d72a88ac164abb20958412e20_NEIKI.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1108

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    db11b0483a63e10713eb6cd29c105a7d

    SHA1

    ed7432965a0c30a1beb597c135c965bacb2dd9c9

    SHA256

    9a1a2a226b87de0c5786c4b98759eb21680a7868d4c9778488ee95afa790cba3

    SHA512

    734ff56c6136a0e7e73998b49b1d5457e68a31d9b100df29867a0a3bf29decf6409c665e67180098489db5f27a8d1b5b3e06464d5d3d67f544e2775bff577ad1