Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    05/06/2024, 07:35

General

  • Target

    49143ff1492b2dac2b1f6602d395b210_NeikiAnalytics.pdf

  • Size

    87KB

  • MD5

    49143ff1492b2dac2b1f6602d395b210

  • SHA1

    ff2b88d40f6bc0d952555e5228cb5727d98edb0a

  • SHA256

    390da28775cd1ba83446e6ba79afd4409fb6e1b3a3fe8bb785991f6060389723

  • SHA512

    c258ba3074318c308d2479c9f79a4a271628f4af244fcffab77265262d4aaad06f4bcb09501237b3e0f4e32d1e98212e9cf4eef15ba5597b1b88c348b76d51d3

  • SSDEEP

    1536:JWUZCk2MwEZoLW5VxMHyUCWlD0SiFwxkd6E2VCe8Rk6lJTnVmkgiHHlqunaQm7z+:QUZ5PwEm63AtlDBxkKQeEk4VVmkgiHHD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\49143ff1492b2dac2b1f6602d395b210_NeikiAnalytics.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2072

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6671de6a69c044cae381854ffc669a17

    SHA1

    ca22591a91a0ba05e40b74fbbb733d1b29758394

    SHA256

    f80e6c993e67ac2037f33db0a50a16cbcda022efd221bd892923fad9a7ff5d04

    SHA512

    a45d80a2b8647811ed4e34b00aa7dd779952e5bae24a7ecc94c0c5131f13503a05ab5745c03c71e146ae3f01870248a8fe89f3a1df1800c87497e2cc35932010