Overview

overview

7

Static

static

3

Autodesk_M...64.exe

windows7-x64

6

Autodesk_M...64.exe

windows10-2004-x64

4

$DOCUMENTS...ys.pdf

windows7-x64

1

$DOCUMENTS...ys.pdf

windows10-2004-x64

1

$DOCUMENTS...JP.pdf

windows7-x64

1

$DOCUMENTS...JP.pdf

windows10-2004-x64

1

$DOCUMENTS...CN.pdf

windows7-x64

1

$DOCUMENTS...CN.pdf

windows10-2004-x64

1

$DOCUMENTS...fo.pdf

windows7-x64

1

$DOCUMENTS...fo.pdf

windows10-2004-x64

1

$DOCUMENTS...JP.pdf

windows7-x64

1

$DOCUMENTS...JP.pdf

windows10-2004-x64

1

$DOCUMENTS...CN.pdf

windows7-x64

1

$DOCUMENTS...CN.pdf

windows10-2004-x64

1

$PLUGINSDI...sh.rtf

windows7-x64

4

$PLUGINSDI...sh.rtf

windows10-2004-x64

1

$PLUGINSDI...se.rtf

windows7-x64

4

$PLUGINSDI...se.rtf

windows10-2004-x64

1

$PLUGINSDIR/LogEx.dll

windows7-x64

3

$PLUGINSDIR/LogEx.dll

windows10-2004-x64

3

$PLUGINSDIR/Math.dll

windows7-x64

3

$PLUGINSDIR/Math.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$TEMP/vcre...64.exe

windows7-x64

7

$TEMP/vcre...64.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    19/05/2024, 19:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $DOCUMENTS/meshmixer/help_docs/hotkeys_zh_CN.pdf

  • Size

    597KB

  • MD5

    8d58edce6893b4ca65a41da608a1c9af

  • SHA1

    fa2a7f35cbedc7620b2125754b3ab8e641047518

  • SHA256

    3e882982b85dae403d2961cd816fb764850717ac286f4977354b7acd539f79be

  • SHA512

    76835f6133d3cf2ff726bd7c60dad51c5f6d0c42436eea5cf3a02b6fbd94413d7150a0f49d1e3089efe613d8b1f8c57992f35f46b37beda8788ba4542dac8c66

  • SSDEEP

    12288:kIe0o6FK4bC7XYU0P25rpLbFVKQKpVXpHvtNOJVnKNy:kSoz427NXpLbPypFpHWJ1KNy

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\$DOCUMENTS\meshmixer\help_docs\hotkeys_zh_CN.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    cdf8b5a4396e75f8ab24bf0bb803ca09

    SHA1

    48c13edeb670d747df9fb5428212021afa694091

    SHA256

    6236024f9cc96d1af79c7bc32343e111c2b78e63d0a61c277643a53ec3e307ea

    SHA512

    dac905a06ec4c3af1a00cd6bcdc45e051927fc92650de03c137bd3a17d73436d366f1514f777d0437bd0725b9dc01e5eb4c12aa6f30b5e0c67a0e7cd54cbbc21

    Download Submit