63a12d00df51a39449cdd29f34ca128bad0d39852783b8ad1fbcfad23f74325d | Triage

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
20/05/2024, 00:53

Sharing

Report Analysis Logs

General

Target

data865134.pdf
Size

862KB
MD5

22fbdce77340edf24453d6475fd84b03
SHA1

de388b0c488dd93ba8c86c2a1582c31785d3a520
SHA256

64d9892f28fd14324dcd747cfd31e6c18378ef8ad2b4ca9f10939281a1804670
SHA512

816a0860b023bae19e666158cf329baece08fd6281bf0a471956e209f83efc8b555fd177f1b9bbcb20fae76ba69ba585d227b0ec034fd5e36036d3e26a0f2e62
SSDEEP

12288:mHj0+gzj6poMLVqElT4czMOFQ+B9Qdcu7myfJV5B0NMMbEl07bxhs4PFHhp:46j47/zMevyftuiem0Hg4dL

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3056	AcroRd32.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3056	AcroRd32.exe
3056	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\data865134.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
6dd295be961a1f9bfe939f6b494a99d4

SHA1
5bc042823de8d31e5876deeb15d9c51575034efa

SHA256
ce0fa45dad0b91bfff2d697a747ded0786255f8fdb8d4a82793c5ae6581bcace

SHA512
d1e960de128cfd82424992f45643bec9553f60d7094304230b50fcbe26c216fd267786e018f89a64b541dbc6455cba9b13e188a30ec96d94272ae1cf9de93c94

Download Submit