Analysis

  • max time kernel
    122s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    05-06-2024 15:01

General

  • Target

    20240601_Flottenkonditionen_Astara Ital.pdf

  • Size

    201KB

  • MD5

    a9d508506819055a8d8b9ffcb34f0272

  • SHA1

    41157a2c9e0966f03fd74702dffc7fa790d1ecaf

  • SHA256

    79a858b09d3b81e735e5d6b98adfa97bd95ff9af368b3160b332166532269498

  • SHA512

    24369cf4cbe282aa1b184441221e5756e4428647517fb79b5069e9ee5de518cfec5091168508f140d144ad95ea0e81afa475a9bb43a1e017856d0b733ca0bacb

  • SSDEEP

    6144:LTpHaw15kEF3IdNe+n/OAjqsWsPhrrNXYO:NONe+n1mSPhrrNJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\20240601_Flottenkonditionen_Astara Ital.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2064

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    e4d4e2e4522ddf7cbfd9c6c6943c7019

    SHA1

    f433ccdb13e23d7cbbeb085cd48b1347aa5b1668

    SHA256

    67776cdbf5098c0044831c2694925e1919baea71bdfbca4a826d66e0517fb8fc

    SHA512

    443c00554a0a387260c4b174bf74ad2d9f8726cb0c8d6e4a0a623c3d6f52d967cc71003e9d4535ce8d92b9c41ee6e416a85aaaba08d34c4c0086ef243796ce5f