Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/05/2024, 06:50

General

  • Target

    a2e5b5cddee53b9edb0c21704b2852a0_NeikiAnalytics.pdf

  • Size

    578KB

  • MD5

    a2e5b5cddee53b9edb0c21704b2852a0

  • SHA1

    004bced8c01c95e9af90e41b45c66b8202d713b0

  • SHA256

    deb7ad9b71f68511f8aca99c42abb799bc2b54fd9f91c083bf19cd2e9ccdc60d

  • SHA512

    143e61bb77a395d5520c80a9d9e6c12e42fb390995aa9de545554e76d333bb25d580234c453b939d19ae808f71df302e11807be7c53772f9bb2b5e75adb37353

  • SSDEEP

    12288:1ni9hp6KI9jCkhRYAhiXIpEPSdEEaCb4eoCAlWspZL:1qIJzxhi45dE+l9szL

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a2e5b5cddee53b9edb0c21704b2852a0_NeikiAnalytics.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2340

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          d65f8874409d7077413745123a9007d7

          SHA1

          7b30902ff371f7667b0a5ad68127984e2f764d75

          SHA256

          7474f6ba2f1c1cdf5c59c70e8c52d9f308807ad4a5f1bd6af50999bf8f686fd9

          SHA512

          7e010971c330897a3f17a3348dc3953095472262334c6e394a3601115fd53761000ccc4d34d68e69c94cfcb47afbb4b3b1c31062b74318713895763567ae9261