Overview

overview

4

Static

static

4

AIR FORCE/...FP.pdf

windows7-x64

1

AIR FORCE/...FP.pdf

windows10-2004-x64

1

AIR FORCE/...ed.pdf

windows7-x64

1

AIR FORCE/...ed.pdf

windows10-2004-x64

1

AIR FORCE/...T).pdf

windows7-x64

1

AIR FORCE/...T).pdf

windows10-2004-x64

1

AIR FORCE/... 1.pdf

windows7-x64

1

AIR FORCE/... 1.pdf

windows10-2004-x64

1

AIR FORCE/...22.pdf

windows7-x64

1

AIR FORCE/...22.pdf

windows10-2004-x64

1

AIR FORCE/...ce.pdf

windows7-x64

1

AIR FORCE/...ce.pdf

windows10-2004-x64

1

AIR FORCE/...02.pdf

windows7-x64

1

AIR FORCE/...02.pdf

windows10-2004-x64

1

AIR FORCE/...05.pdf

windows7-x64

1

AIR FORCE/...05.pdf

windows10-2004-x64

1

AIR FORCE/...1 .pdf

windows7-x64

1

AIR FORCE/...1 .pdf

windows10-2004-x64

1

AIR FORCE/...ed.pdf

windows7-x64

1

AIR FORCE/...ed.pdf

windows10-2004-x64

1

AIR FORCE/...19.pdf

windows7-x64

1

AIR FORCE/...19.pdf

windows10-2004-x64

1

AIR FORCE/...AL.pdf

windows7-x64

1

AIR FORCE/...AL.pdf

windows10-2004-x64

1

AIR FORCE/...17.pdf

windows7-x64

1

AIR FORCE/...17.pdf

windows10-2004-x64

1

AIR FORCE/...20.pdf

windows7-x64

1

AIR FORCE/...20.pdf

windows10-2004-x64

1

AIR FORCE/...ts.pdf

windows7-x64

1

AIR FORCE/...ts.pdf

windows10-2004-x64

1

AIR FORCE/...30.pdf

windows7-x64

1

AIR FORCE/...30.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 15:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AIR FORCE/FTUAS Applicable Documents for Reference.pdf

  • Size

    173KB

  • MD5

    ee62cd69484c60e7bd38d4115f6504a6

  • SHA1

    b2b57f27c60f405a3abd7859d327408138b479de

  • SHA256

    cba662c8222e421a8fc3bba170e189fff59d3f1b141083d7f3b3c9946d71dabd

  • SHA512

    e80bb98568b8848ed8e73a89513b231ee11f453a62b4417051cf34b20befacbd403e4160d4a53add163250ea89f0474856bb9b5f508399891437bf2241f5de21

  • SSDEEP

    3072:vDPhba692/B4gDEMVrRbAED7pJdEoFvB5+Sm7CNW4ajbc1fo3dQfE/u2RB6lnAMH:v1bp2/yUrR8EfpJvFphm+NWVjbc1EF/g

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\AIR FORCE\FTUAS Applicable Documents for Reference.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    72f41c65b63cd9ea0a7601d464ba2984

    SHA1

    efd22c824932a9e1f68a731c4e974c9fe4d1f9d7

    SHA256

    e9aaa913d7076df7554fab7ecc570e7f79d3793b033c6802752125653cbf597f

    SHA512

    205d4daa728e204f6ff6cff020ee90bc52190c3597d424e293606953cc5c6ea51a353c83a825778d9ad4d36fa1b46293d8d2f77940c17de10e13a6276829d3e3

    Download Submit