Overview

overview

3

Static

static

3

6b9b8a9864...cs.pdf

windows7-x64

1

6b9b8a9864...cs.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 01:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6b9b8a98640808a52c870c83119b9bb0_NeikiAnalytics.pdf

  • Size

    305KB

  • MD5

    6b9b8a98640808a52c870c83119b9bb0

  • SHA1

    fa2faf2227bead6622cf9a34a00dc37ec4d88b65

  • SHA256

    65ae76bfbb804d74b93071df809ce5ee36d2a7819a1a7a4dae0652f7e168553d

  • SHA512

    3707d22276ab7975f024e5f87ac8bd8b21f72ff8960f887abf7b55526b2887ee1af8bf44edd419cc500e02b3908c3103d9e4220c5474d4c00067e7ddd97a5376

  • SSDEEP

    6144:Jffy6wbfsB6N3qyz7D62ujmIerrC9pM+VNl/tZ3iaJoQDrrMlWDLQAE:N6fa6N3hz7D62uj4Gn3P/HrMlWDLZE

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6b9b8a98640808a52c870c83119b9bb0_NeikiAnalytics.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    60fc1130fcd74afaa54a7284ddc5c80d

    SHA1

    f7ea6eaa4127275ccf0825531bd9276f1c796ed2

    SHA256

    795aedab27b1f1c5e93470988e2aaadb4f6ff07648376d06979b063403f3217b

    SHA512

    a1056e95d72ea595f8401fdc07bf3333e4c922b24d15f174ddf9a3a9118f2b3d2678bf74a389e399197fdd98be290573b2b82d30cda37b6de73c51b3d57c80d2

    Download Submit