Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 17:01

General

  • Target

    Rockwell DeviceNet troubleshooting guide.pdf

  • Size

    346KB

  • MD5

    99767e1d07c9a4cb5ff6722fe146642a

  • SHA1

    e9956ee4f5509bb1aaffceaf08236508bea7128f

  • SHA256

    250e0efac9d1d638d51fa83e4edb6ea3190187cb8fb1d9b159edf0c26fccb6f9

  • SHA512

    1c2d6b0772d9401cb6752451d3f74ff59b972afacd8f62d6f7d9e1db0e47d71be1e6777b7efe312fe9b4e6ef437cfcb80f6de6a51bba961cf8bd43aa5e28a054

  • SSDEEP

    6144:yZj7yekW+8kOsz2z/ZT7okbnj2Dn2Ps+JItfQPIXVAP:KaTcCDnNKPIF2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Rockwell DeviceNet troubleshooting guide.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:764

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d0f5e103860acbe7600a9165a423e2b0

    SHA1

    1f8e31ba96b5f8c9aab64a9b0e98164025e1c5bd

    SHA256

    905fcfb3ce217977d1fa312ff41a468cc058775deffb1f444f24ff00a1ae0d9e

    SHA512

    2ed0374f0757856d4b37762219da86ca7736de5d65b826d1b0662d48d06429c393e9b3d495e9cdd53edc05deb16abf053c0ec964b9b147ef1e48dba6da57cc9d