Overview

overview

3

Static

static

3

f21a98234c...KI.pdf

windows7-x64

1

f21a98234c...KI.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    09/05/2024, 04:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f21a98234cafacde6c308e6641834710_NEIKI.pdf

  • Size

    83KB

  • MD5

    f21a98234cafacde6c308e6641834710

  • SHA1

    d92430c2ba9801057df16daed7876ff7b40186a6

  • SHA256

    fd0c99456c75dbfc87bc4aa4b3a9fd0e56d4dcbe9ec7a2b6f5c0472676951a48

  • SHA512

    4152f4f91f786bf78b876e6adfdbdfab05580d375c3803832566d19e133052a16702801d1f2fa6b49a4aef0d147b1ee5b2918e1c606775fcee2dcbbd9741e597

  • SSDEEP

    1536:9x2Q0/DsbdavSwMG5oa8suVwDKYfZ7Yao9/W/+2Z17jyjNkWApO6MqdfXZ:7B0rmzE5o/sSg7YVf27kz6MOB

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f21a98234cafacde6c308e6641834710_NEIKI.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    2d3ad8d7e8a24ce016aebb53e4a03c83

    SHA1

    26ebdbb63c612e4e7bb9d08c5eed97129a2f367c

    SHA256

    bfdeca32759112d6238e43f70798630723dfc075cdeb24182164bed962b476a0

    SHA512

    50fd0eb36ee674edef9bec47f8bcf69bdf570ad0de72d8eaadc3505a398127d6e075339c30022661d73a4303ed0f1e2efc4e03036ebe806619d32cb384631c34

    Download Submit