Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    03-06-2024 13:18

General

  • Target

    HP0-409.pdf

  • Size

    99KB

  • MD5

    5102ca20934d8e2566b7fb55ad0ab9ec

  • SHA1

    1b5de8f421bb426fa3d2192f33507d09b611208a

  • SHA256

    84389bfa19bbb66aed7c5a301f6575e04f69efa441c7fe17fce2d03cf264014a

  • SHA512

    a9a66b630535680593d228092211f95fcf08ce713a6f6547cbda5ef4625dba9a7e7364a1a73375e272e247b9182094e2c177ab32cb14dbef8d03a889bdf316b0

  • SSDEEP

    1536:shZjFNIdy1TV6jvXlY3q6+qe6QHPyNmB14R/XmO2n+k7RTd4ocA:ERCa4Sq6+qe6eq8BeR/XmF74ocA

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\HP0-409.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2984

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d95bcba10f5284a437f5b217c10fa0b0

    SHA1

    28dbf2a05be8ad2abe7f9be5fa2bea610ddb74d1

    SHA256

    8700b3dff9e51d30178611dc0fb30dc3b9a45a0d261eec21ff7d82a95232e0a3

    SHA512

    69b504af39391618d013b447b8bd6a2c5d9a93384bc9352e4f56fab14e021dae9cfda7c4f23c255492ea6aee09fe410c010a3e435826ed881bf96b341553c46c

  • memory/2984-0-0x0000000002A90000-0x0000000002B06000-memory.dmp

    Filesize

    472KB