Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    03-06-2024 12:42

General

  • Target

    ESP_QuIP Lung EQA Scheme Lung Cancer Related Markers 2024.pdf

  • Size

    158KB

  • MD5

    49e7336f87b6eea4029ec4f914f409a2

  • SHA1

    b6150841981c7f0104cc239f30ab3f0344f04f20

  • SHA256

    01c70df6a623983ff2fc2021cd7e3027687f4381f7ff42a433610a68884bcc71

  • SHA512

    a213bf052baefb272bd5359035426d4776c06fc35a26f217933b78b6b00f1724077085e6f7850f302883e1242b1a7358d60918eaf3f18b2c8ae08277b36a8fee

  • SSDEEP

    3072:GGgIqRSBYxhDitOSSaf4qvPSW/Op87ag1uqYng43:GGgInuDitOHmhPr7ZATngO

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ESP_QuIP Lung EQA Scheme Lung Cancer Related Markers 2024.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2696

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    013d805c4dd9b7f53e693a70d05ef1c7

    SHA1

    5c0f6bbe852cf047695f64b242c5dd24b7115f71

    SHA256

    8f889027ef403567c71e72ecb068937430598e33de3c72034a921e533a85fe3f

    SHA512

    055531a2047b1c4b4a322fa3c47f4b3a66dc14f1fa1912d8b0b7b70976add759e6635c080f7eaf0748cc8c8a1ee1511a3fc0848b06148eb7bc1fd00308d1804c