Overview

overview

4

Static

static

4

AIR FORCE/...FP.pdf

windows7-x64

1

AIR FORCE/...FP.pdf

windows10-2004-x64

1

AIR FORCE/...ed.pdf

windows7-x64

1

AIR FORCE/...ed.pdf

windows10-2004-x64

1

AIR FORCE/...T).pdf

windows7-x64

1

AIR FORCE/...T).pdf

windows10-2004-x64

1

AIR FORCE/... 1.pdf

windows7-x64

1

AIR FORCE/... 1.pdf

windows10-2004-x64

1

AIR FORCE/...22.pdf

windows7-x64

1

AIR FORCE/...22.pdf

windows10-2004-x64

1

AIR FORCE/...ce.pdf

windows7-x64

1

AIR FORCE/...ce.pdf

windows10-2004-x64

1

AIR FORCE/...02.pdf

windows7-x64

1

AIR FORCE/...02.pdf

windows10-2004-x64

1

AIR FORCE/...05.pdf

windows7-x64

1

AIR FORCE/...05.pdf

windows10-2004-x64

1

AIR FORCE/...1 .pdf

windows7-x64

1

AIR FORCE/...1 .pdf

windows10-2004-x64

1

AIR FORCE/...ed.pdf

windows7-x64

1

AIR FORCE/...ed.pdf

windows10-2004-x64

1

AIR FORCE/...19.pdf

windows7-x64

1

AIR FORCE/...19.pdf

windows10-2004-x64

1

AIR FORCE/...AL.pdf

windows7-x64

1

AIR FORCE/...AL.pdf

windows10-2004-x64

1

AIR FORCE/...17.pdf

windows7-x64

1

AIR FORCE/...17.pdf

windows10-2004-x64

1

AIR FORCE/...20.pdf

windows7-x64

1

AIR FORCE/...20.pdf

windows10-2004-x64

1

AIR FORCE/...ts.pdf

windows7-x64

1

AIR FORCE/...ts.pdf

windows10-2004-x64

1

AIR FORCE/...30.pdf

windows7-x64

1

AIR FORCE/...30.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 15:46 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AIR FORCE/HSIP_FY21_SOW_BusinessPoints_20210105.pdf

  • Size

    865KB

  • MD5

    cb1d711143d989972ba6fe98ba2d0b13

  • SHA1

    04935de584e065b77d2377180e1bf7b1e5cb11ab

  • SHA256

    0ffcbbb960a9f3b55eb047b01d5553e6e431c82f6c3312fb09b4d36b15daac8f

  • SHA512

    e74638003636d0accb27002799518824a689db08d9b052ea42bbaf79d360c1e79bf17ea86dd72301841e0de54108202295cfd53c0b83c3db147f9dc2d88e355c

  • SSDEEP

    12288:1J36aYpa96/8wsO8OKDihujrCiIhUfQNd6mFSqrAuH/sFuhgXikXT+5l6lNRWqAe:TT+aMhsO8OKD+NLFSOEm/kL3WlSB

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\AIR FORCE\HSIP_FY21_SOW_BusinessPoints_20210105.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    f82533e9896db4f74f26daf13fae1d10

    SHA1

    05f5b30eead8ffbf55ad64c86c33727448f181b2

    SHA256

    5f65f7cc69035b6212cdf04c9da2a629ca0fc6c4eeab56e809a7dcf6c922ab01

    SHA512

    762c9e3c87b64f61b82280bebc70607378a514c0b1ae7ded6f92a5f15c55a8fc94f40e01b2bea55d9a426d5d13c8fdb42853ab417aaace484effbbd6dfd5ef80

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.