Overview

overview

5

Static

static

5

may-docume...54.pdf

windows7-x64

1

may-docume...54.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    09-05-2024 06:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    may-document_56589654.pdf

  • Size

    37KB

  • MD5

    e79b3bcefc9e53077cb35a0f9e47b8f3

  • SHA1

    34abdfdabd84c19457fdf2bf10407462fddb1066

  • SHA256

    7f5d7e54307ca1661eba9ad05361e8c8b35fe9db40a1c0f8d54ab2945092103b

  • SHA512

    acc6d108f5e006d68191f9e777416507f1a170b51066e619c7e8aef2acee770f1845a83348343f96bfc94f7faddd159f6fc75da6c9af3fb8a336801ecc27161b

  • SSDEEP

    768:6qpJdTG3QYxIGdusFLTekz1QqAJRaA83sUlWWqdZcKSj4:xwRxvduCLSeCJRaoUD6ZcKG4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\may-document_56589654.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adventsales.co.uk/rji2c
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2608
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2608 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2752

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    666d15103ed8a93efda06acbaa4ec9ce

    SHA1

    4d151a77a42792e7125fae477445b98658235d0d

    SHA256

    6572e323b3bd4d831e46c6e9746ae995c4c9b90b6357d8d22606dbf3fcdd5b8e

    SHA512

    861f46b4312d57a6961610548727df893deeb4d2113afd88927033823a461da367ceabe94b2cc9a06fdf7f870f6b1c8f0c069cdf022d9a1f801d64da3504d549

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    773f533eedc4db5624101e88ca86046c

    SHA1

    88af644acab5500b726ef187433af290f8198648

    SHA256

    564d6bfad91714e56e45c15087b2787b0a2b75dd0b04ca2aa148b1e92b88b23c

    SHA512

    cd1efe11838106a5e922c8c44bd82381937508524011764f8c0a0c3ba5aaefa5b8f1358c9aaef9965d6fd6e7eee4fe44eef8c354c2f0a4183ec48d01775f6fb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bffffbcd0449884ca9081382d67d67fb

    SHA1

    0fce3563fe38b8948f4bde6b6bda13561cfd5327

    SHA256

    735f854e7c9e7a40d91af775fd9e82b79345bb0655ccb42eb7bdd4e6ff6b7fe2

    SHA512

    a4b5a92a4bcc7547535d2ff14f0539374ccb75ccabb8e37a494b10297770d0fefc7f5e2284740ef8f18359158273145d4f89f3c20e7c211fe3abc52b715d271c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f4f3e45a254669303c0511a406ed022

    SHA1

    2d62bc7df7165dd244bbd05c7e8080f2ad8d3b8e

    SHA256

    582baec9702530fae7da8741fc602fc6ad22f86ebb9c8fc0feac08af3bc617b4

    SHA512

    d34293d2419ec73393e692348e656c03618ae91805da2861f763208206944c0600f0a89d3c234cb653be5b50f06cc15d6825a77c4d644191e2fdb1e5815c7a75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    83c1949ceb0268fbcef729d94e5a741b

    SHA1

    50775b7fc09a331a60ddfa1b9d6fe74d8941b95d

    SHA256

    596b057278ec20bbdd813300b7cb60b37581b174e3fa7bfd92db03e7813ba9ac

    SHA512

    7ce1312c6dd7a98f32682ef77833d9fa6b4bb868413873b64a3dc17f55a34b0b32457653eb95b4b162c887db6ef8ec3a195f9d3825252939dbf6ca11019a4110

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a127c6c93041bd2ac137ea1438c53ba8

    SHA1

    25d10232d7c131f286627fc24a44473aba683a86

    SHA256

    1f47256cf7870c829d69a254f412e948bc420dcb1e49beabd9ebb534aedc2ea8

    SHA512

    d074431e6e5832253abccbfc2f09c498ae1625b767ddac8e9ab42b54d5f0763df933416e036b0d47752c3de0e1d8fa843cbfc2233e134227548cdd0de57dbac4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b0f4a865510ffae971f02db8b7102e27

    SHA1

    7b94d793529077bde0aaa21be52c4439312415b7

    SHA256

    b3ea30d04078c0c13727c04a62bd61cc2e46528e78eaaf7f8b9e4e671a8f3395

    SHA512

    07e292dfe172e599e50a45a383cab3606cc0560aa483a1d4dc7948db69d8e53204cda0b38f024e0bf932b786cb894afcbe1f3b383b89ae15dc1c6cad25f6476f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf3233ea31927c3af0c3500b766cc152

    SHA1

    14856e4feed41ca6f54cd293160f4111cb16a3d9

    SHA256

    fdd3f71d89cb2d055564fffe3c9f983c2c5c3f62dc211c32cf9b31a56b5cab79

    SHA512

    68fc4b17c13d8c3250cfd34c6f698b18c739dad65c05e6e86cf55f067d4e66a5c1f26c41192311d009b965b6b98e2283a1603bbe4f625626689f18d450b94af2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ed2d3f1aa5d5d479ba47c23c8c1f809

    SHA1

    71c2ba4b66bd82c0493ce1410885cd452a7364c7

    SHA256

    fd8e682789fc0396eaf40f401726bf2698f53c4120b93362a1e56ff90895f47c

    SHA512

    d88c7d417b58ca1bf5466cd2cfe94a360d185c4e1c49f0a89b1e577934bbda80829ee8aeece4ff99696439544de5272e985292be3634734905a80e26d35a9904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87cbb7d23818cd164f66e578ffa17563

    SHA1

    61b05d7866405b8fa943224b7149c42665b2c077

    SHA256

    a4289fd33457bdb4d8587edf31f6e5bf7d0e079847341c61ecc6214a8f2128db

    SHA512

    de1fcfbb0ce373ed8c3a69e1ec3a6e4575b34f4e79ee22252431db02ecb154161628741c24e458af6a01d47cd53b3d914770c9fc86276584cfb552ab438acdd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d78236115b081b71574c70fdbf12141

    SHA1

    6680e352970a20f28f2f40fdeb3fd6307ff32f62

    SHA256

    b20306612cdf1541a656e786af86ce2612413b86a985317804f52bb4c9101451

    SHA512

    3426ad55e653bd3847d08b2504963727033669ea2200af5439797d5389fdaeadd514c242016b45e6842826b77b13f440ef804f2d3752282bdb34a533b0f97916

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f8ba4c68d500d4c2998ded09265db3b

    SHA1

    1c0a8c7139bc4e37ab3edb4bca3c0a30b9993f64

    SHA256

    504b1f8da690a3f0157e086c66b4c8d4abdea5ce4586e12c0b2dbcb8f72095a9

    SHA512

    69d481de3a22aa697e0a7ea1e9a23cdffd5377e0ae8495507c3b14277d69b3b553eeb48ceeafac563dcc9354a3485e93494c10a27c2808aa0174c336b8af9316

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f31cc4fd80bd16ea77ffa4f51577b4a1

    SHA1

    cb42a4047fb39e4b7381db9d7defb74b72ba5a69

    SHA256

    09ed886c0a1f3e2aa82777832da6a65f04d975fe161d2ef1070fbd79ade6bfe7

    SHA512

    a495f7d2eb8f19e9c3ae1134e0dbe75d8069d49eb025456720e253aa6ca59c1360b0fa2e5bd890b3e39144e4d917744b8c1ae0916bd35a0cbbada44ae53b4113

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e2fa601f01dfc445d21f346e801576a

    SHA1

    a8da7cf7c5b2c76901b1e35e722702b1fc57c4a6

    SHA256

    b581f50286b16fdfd15fca2e1880bf4b004da207c2b39d16b9ae7501c9a89281

    SHA512

    58ce7f3f48b14c0c698d2f3d2cc22a5b5ef786016f9284cbd4ffcb0e02aed4631639a7c4f6dee4c5146049975c6afaaa4f48e7755aba60394536e0d1b9a9fc3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07cf6bece523bcdaef99939ae54c57f8

    SHA1

    25b584ca09351d4d1d081e26316529791d1e87b3

    SHA256

    f914fa6758d427cc170c42340455d456f2195e93edd924e7ac65dffb2ca04573

    SHA512

    98f7505290643a9b5e238e972a7fc65ed45bd1eb6a345d1c0ddb5706eb72359710c3db666020b10aa9800a3a5a355ccb1f04603c5f544ad86650a54f53d969f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e32f8eecbbe15603bf7793a859bc5b0e

    SHA1

    3b9087cf56ef3dd6c5c30bbf9183ff0e76557ca5

    SHA256

    3d0f19a2d75dc492657dd8916b6b929207e85a49b6f666c6b4e55095bae97908

    SHA512

    106cbb6c55e268299a0e3e927270c2c85da79b18296715ca64ba7d73c9ab44246fbff360cb3f0d66a31437281e01ec02ba2bab20b02f430b981d6fee396fe438

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a627b2f90b09495073ed8ffac56e128

    SHA1

    7c4500ab5451457300240c2add2e9a7c14478983

    SHA256

    66800de0c50caf609fb90c4b661476aa81b5054a3fb49e5d58f63512c93324c8

    SHA512

    671e80259a27655db5a052edc20cdd59a375a856c20c11c6ed2fc5a25976ecf97cc93eb75b82670573f839f8807a66e7fb13cc01d6c49803590ad326c60b9771

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6c14efc53cf381daacbd84c779917b3

    SHA1

    62f3c476ad099dd0d7acfcd20894e394de2cb79e

    SHA256

    a831472dbdcdf92c91a3ae7ef01aaada0de1d4f9ae2cf6b118b1de584eb77aba

    SHA512

    c153fe483640247f089118d65953d205e14762216fccaf7f2cf2ec34ab449eaf8e4a25cb13e89796aba00af7608b6d5ecbf709f00faa87dfd5b08b4ad82623e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37a7182bb84b90435e773cda27d27c81

    SHA1

    2d6a2582b8d9ff344335f2f715617e9bc4bff928

    SHA256

    03f14fb3123fca5b2ca5260ceb1cf18ea24ba28eadc7362a99a647a212db45eb

    SHA512

    f6ce6a461bc0b6defba1a051fb898d015777877e1d428dc4a207d2f1d46b786822adac70b1c6f50a0198bbd76da9cb56c7aeb221a263c25f4ea99731ae6e9ded

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2C80.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2C7F.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    2eb1e392d60ae31b729ca44caec83c72

    SHA1

    32ce2332b43320655780ad177f66e1c3d6f44f2e

    SHA256

    0d73168f35787b0905626b7e0abbd959641d389be94aad9881a7540c7bf0d8fb

    SHA512

    967b3dcfc63d44c336da2fa40f7ecf58bfb008fda2c12d1ea7c0b6df258861a7e934b83ac73637b5dd11266892451a1c00900e58087970d29ea172af20609e7d

    Download Submit