Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    31/05/2024, 14:44

General

  • Target

    WCR-form.pdf

  • Size

    435KB

  • MD5

    8b83677f5747e3566e00b8a2c5feebdf

  • SHA1

    2c58bd3b5dbc6680fdcc927bb6cdb40e6304998b

  • SHA256

    2b86caaabca1cea8cb48f927b070411e797a345d1559be5d1a1991cb6fc16677

  • SHA512

    4cf44740b74283160f52758947209a7f1eac7b745e475ccdb93652dee0c89537929d3d966b4d0ea936998700ed140bc1edb95ea3e1f9e6bb0d5a9aec2333c65c

  • SSDEEP

    12288:8x+9jNyPbkQoa0zPELCLHHLFV/KdMdEnYw55/bti:8sZNOhN0z3HP/3inYm5Dti

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\WCR-form.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1308

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          91942f8ee28abf652029a609e873194f

          SHA1

          7f5bf25e920aa0f3e7c4668876f269b13f20245d

          SHA256

          528e3abf56fae6037990d56f88fcd6081f32628d05fbb5099ce7c1751698f07e

          SHA512

          f30e704d29169dca5aa36d2e7a8b2aa379a9ac2e697f90af39925ac209d2b3438f9aad9417daf5a7aaad2485d4751c4e4d813c6295ff9c0949433446557d2d2b