Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    30-05-2024 12:52

General

  • Target

    0f1b9315d570e9bc88d4dae291c0aa90_NeikiAnalytics.pdf

  • Size

    658KB

  • MD5

    0f1b9315d570e9bc88d4dae291c0aa90

  • SHA1

    59eaebeddfa6a6a9fe6f8cbfc3bb20835cb8bba3

  • SHA256

    b25be7a95e39f69ec3a5af2caeceeb0c104dd91692c488bc419b816cce2186f9

  • SHA512

    5b1a8a138bcbfc8309c582fce6fa03de7186f5f0c0ba4bfba8c3a0a672dd855f37c6a79289b61e816e0b98980b12dde3b52dbf216e04ece5ee2f6844eaf5922a

  • SSDEEP

    12288:Lx9k9pFCYIFSVYbFw3r529h0FD0cSbLj6Phb0k+jyfWm36tkbB+:19qpFrVVYArASFDXSspSAWmKtb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0f1b9315d570e9bc88d4dae291c0aa90_NeikiAnalytics.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2424

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b372b17210e120fb7693b7f7337210f3

    SHA1

    d0494fa69af7fdb3c1d09ddfadf607dcd81b029c

    SHA256

    9b85a88c4a36780f5f7c402078d60f34cf0643508333d426ad75cb2e26def285

    SHA512

    79b17d1b83fb492fbfc049ce9b2f377cacc088081085598057b33a4d3e18ac33266dcccdfb55737bec853b7579375c92dd0863897f8136dcc52bd904714b5c2c