Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/05/2024, 04:39

General

  • Target

    f34d9304e68bcded098d5e986d86f4a0_NEIKI.pdf

  • Size

    61KB

  • MD5

    f34d9304e68bcded098d5e986d86f4a0

  • SHA1

    985741e6ec55221f5b1e646b6456657fd0854eb0

  • SHA256

    aaf58b577e324cdd01a677627247810a8e74a24d82b911dda0ee7932d7942fd3

  • SHA512

    475ada8565b51fbd0ae77903cc8d9c3342ffe31298ba6c747a163571a97bfd8dc722958452a1b3a856deef3d982a4f077b4aec1436d07ae84414548f592d57a8

  • SSDEEP

    768:Vzsz1povHz2s7f6Wz0H+qQRdEIZjQ6TdBKWtPSiMV0z/YJuft9y6rl3wJI85N7uF:mNiwuFaJpi2SFYLpgZbPCr5mZopSh

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f34d9304e68bcded098d5e986d86f4a0_NEIKI.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1120

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    9e82b3d7cce7a92a0c0803f5efd27b83

    SHA1

    49032a90ecab9a253dd87951928fea04e7427330

    SHA256

    20d1a07a49671965dc549e386bdc5dceb373fa7c6305a36a26821d7aa540cd96

    SHA512

    bbd80a5d511bb070ba2d78ea15dd3327391925dfdf0c58336d13f499311265e4dc92ef86f77883468a0e2bad8ad0c927939ecf017a497ef778001b77c738210d