Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/05/2024, 09:54

General

  • Target

    c1cf25d58ed68c4b35fc276b6fc02340_NeikiAnalytics.pdf

  • Size

    672KB

  • MD5

    c1cf25d58ed68c4b35fc276b6fc02340

  • SHA1

    bdfeb2d1859cab48e82166532547d375a65c5705

  • SHA256

    57a6d454fb1df4a921449c07f3d8aafbb783820f115911ad90ae84bb445b300e

  • SHA512

    bdc86440e5a50193f346d9a9cf5d3e5528a4d8fa70da9a55134736a16328a07272f994a0e90043a965c2868144383e2001e6f235e210ff69c5bcc46dd7f56a26

  • SSDEEP

    12288:/EHD9Um5DT9mqit9LEioWziuGIOumLYgR3xizN9W508IydsG7FOUlfoeLF6TspSq:cjKys/t9Y7WzDD5mcoizgjBJlfoGwspX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c1cf25d58ed68c4b35fc276b6fc02340_NeikiAnalytics.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1416

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    97982f6f8a7c0dc89659c86e4d31ffe0

    SHA1

    ca157392d978306c4d4cb9c22ba909e9d6a35417

    SHA256

    b8b0db417d3d9bf56449b978a6b4399775b1b04fa5aa8cedd6fb907370d09079

    SHA512

    e174467f4315b0b4d32b73e853344ef7b3d24dd53a5181436db4db947e586a04b186d2115179e750a176e5b865ff824ed67d8ce68fd3d57b9ad771b5674ac3dd