Overview

overview

4

Static

static

4

AIR FORCE/...FP.pdf

windows7-x64

1

AIR FORCE/...FP.pdf

windows10-2004-x64

1

AIR FORCE/...ed.pdf

windows7-x64

1

AIR FORCE/...ed.pdf

windows10-2004-x64

1

AIR FORCE/...T).pdf

windows7-x64

1

AIR FORCE/...T).pdf

windows10-2004-x64

1

AIR FORCE/... 1.pdf

windows7-x64

1

AIR FORCE/... 1.pdf

windows10-2004-x64

1

AIR FORCE/...22.pdf

windows7-x64

1

AIR FORCE/...22.pdf

windows10-2004-x64

1

AIR FORCE/...ce.pdf

windows7-x64

1

AIR FORCE/...ce.pdf

windows10-2004-x64

1

AIR FORCE/...02.pdf

windows7-x64

1

AIR FORCE/...02.pdf

windows10-2004-x64

1

AIR FORCE/...05.pdf

windows7-x64

1

AIR FORCE/...05.pdf

windows10-2004-x64

1

AIR FORCE/...1 .pdf

windows7-x64

1

AIR FORCE/...1 .pdf

windows10-2004-x64

1

AIR FORCE/...ed.pdf

windows7-x64

1

AIR FORCE/...ed.pdf

windows10-2004-x64

1

AIR FORCE/...19.pdf

windows7-x64

1

AIR FORCE/...19.pdf

windows10-2004-x64

1

AIR FORCE/...AL.pdf

windows7-x64

1

AIR FORCE/...AL.pdf

windows10-2004-x64

1

AIR FORCE/...17.pdf

windows7-x64

1

AIR FORCE/...17.pdf

windows10-2004-x64

1

AIR FORCE/...20.pdf

windows7-x64

1

AIR FORCE/...20.pdf

windows10-2004-x64

1

AIR FORCE/...ts.pdf

windows7-x64

1

AIR FORCE/...ts.pdf

windows10-2004-x64

1

AIR FORCE/...30.pdf

windows7-x64

1

AIR FORCE/...30.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    03-06-2024 15:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AIR FORCE/3. TMQ53 CLS PWS-RFP.pdf

  • Size

    767KB

  • MD5

    b7c30145c5493721dfdd6f0a4f15ae6e

  • SHA1

    4ae0509ff15e2a848e06f98419a8a616ec41aaba

  • SHA256

    0ee6e9a57b5bc92321caa60cd6f060a6de0d85f8f741ef96be818730f94d5c6a

  • SHA512

    7f33cf8f9e6420080f5a292673d5bd12f45bd590b788c4117ba6f26426278579b132f9eabdcf91883fec75195a0487dadc4bdbeb026e9d258bd2e01c82a915d9

  • SSDEEP

    12288:X6ri13c02xO4sXCoDoRfs6fajcrFhLfBH5BxdlsRwcJ2fGkp6Vcv1Z6YNZd91YBq:X6+1WOVvDodCjcrZXlsqK2jMVcvz6qZF

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\AIR FORCE\3. TMQ53 CLS PWS-RFP.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c6ffbe393f3b59fb1d071d0c2d573ac1

    SHA1

    0353e58810982189dd5b9647338b889d233f27c3

    SHA256

    9684b32ea19a1b2f429796afec1a84e6dd3add588c174f8ed494dade9787bade

    SHA512

    d2929d646a85d1451881632bf9263eb210c7bea5ba9fccb07d834a6b91e5ca03a3ac61f27b00653f237a135a14a3a5c5b739e4cffa9f206b4a5d44fea3dbd137

    Download Submit