d16cae1786f201a673eeb494919d7d14beb56bbbc5e4f808c50f28516e24907d | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
30/05/2024, 11:07

Sharing

Report Analysis Logs

General

Target

document.pdf
Size

925KB
MD5

627ef0f9c2af3e5d48421259dd679b37
SHA1

c7d82fd87fbf695093503d3e84f2d05740665955
SHA256

483df3f3be2a04efa29d9c74fcbd906f1a9f9eb7fb9b938d26bfb047c18ca9ff
SHA512

dcde2383f9b2ecdda89b695f0f4cb9fde6a9f193b6e5907150209c3cc7326530eafb80b22d5aa43831457c195249df2887a1a173232aa79e63f14858902f2e0b
SSDEEP

24576:Ax/s1L5nLjweH9/1gr47J6UAohR6vRyf+dE9w87TDZ:i/snLj5H9/1xAoP6Jyf+dE9wSnZ

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1612	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1612	AcroRd32.exe
1612	AcroRd32.exe
1612	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\document.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
c3773b6de5b56469459cc898d17983f2

SHA1
0e05f40a6b5d4ccf93bdba1adfd3db54327221ae

SHA256
9051c78d440618b03dd781a655e452645c62e03ae747fb36f0cf31c99f99d245

SHA512
9b2cbfc9af260df367c6a6083f07df94f7920e480c5cc35d88c06a07d7e6f42dd7e02716d402e0fc6f8c51434e10859695bb70e9ea8145961d118247f6ba3c29

Download Submit