Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    09-06-2024 20:59

General

  • Target

    magic.pdf

  • Size

    18KB

  • MD5

    d7c4040bf17588e895e43d36ce278365

  • SHA1

    28821bfe60d9ef33c6b029d211766f57aafb20be

  • SHA256

    944c350a9a9f7481284a2efa6f1c4a69511e73167301ed4305cf5c88b4c93b2b

  • SHA512

    592bcca0de4656652f800e17dd1d2bb48701bcee777610788dfc7636c582738dd5d157638b8a3580d555460ffbb720d5ae4e83f9d4bd0d0096a21b47ae5fda6c

  • SSDEEP

    384:AFH1bHn/aT6u3XDlyVX8fNQNvgc75wGmdfyQZL7I74pRwnrYvNKla1DXT:AFH1bH/aT60kXQNshCKQRCnroKA1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\magic.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2028

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    522cabe7cb6a58da0b3c30e5143ac1a8

    SHA1

    8b58234ca0abf5a3cbf8bf0f6c9f7051e3f557ad

    SHA256

    7258bf3cbed0ec10630ddffd1d275929938b5033f741490317941419bfd70e77

    SHA512

    4ef320813df2b608ed05486d04105f26e41c31c2c4dd19cd957c8aef780f5df2437a0a5f79cb1aef7df2c0979d20ca3239eae2ee2f724e9a59a938b745abd4ba