cb33e5abaf22f4502ccacab30e1d1ebb64e7fe9eecd90a30f9e8a9f1349ff03b | Triage

Resubmissions

29/05/2024, 08:40

240529-kkyezahf48 6

29/05/2024, 08:24

240529-kav7vsge21 6

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
29/05/2024, 08:40

Sharing

Report Analysis Logs

General

Target

bce1d387bdfdf7929d4ad8387875c5c6.pdf
Size

122KB
MD5

40725dc5679158cc047d01652db9f271
SHA1

70dfb997781cb4eb0f417a6366a1f02c7f5fb51e
SHA256

cb33e5abaf22f4502ccacab30e1d1ebb64e7fe9eecd90a30f9e8a9f1349ff03b
SHA512

e77dfe2161b621dcf3967ed36a67a104021ba645e282baf8ccc7ecf96e7916982491d7b780e04906cb9b91c07cee269de3a6a81a5186d69d77cca91177d0c49b
SSDEEP

3072:eWHckG7odzanL9Tc+iVFS8qApPlElB1GU1lVId6:eWeaML9GVF5qAoVleE

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2596	AcroRd32.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2596	AcroRd32.exe
2596	AcroRd32.exe
2596	AcroRd32.exe
2596	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\bce1d387bdfdf7929d4ad8387875c5c6.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
4164d500ea5cbb7cb76c0452d6ae06a1

SHA1
7e28aa083a89b7c428344f23000b3792aabf028b

SHA256
e25a7126bf7491a1a87d4e440b776c48b49baef632423394b9d6c76455a02306

SHA512
f7ddc55920cb471c79ccf16cd8c68cbea3df3295713f9296b29997f400888699c66cee6261632e6d1504016ba06ce4865f2cbb78bc7b9fa11931fc1d7378d82e

Download Submit