Analysis

  • max time kernel
    149s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/06/2024, 12:01

General

  • Target

    Bill83479134213.pdf

  • Size

    64KB

  • MD5

    d831c26e5103f0d429f0482feb286a45

  • SHA1

    de9a083e65a4b1df18d42110e37870f5884e99da

  • SHA256

    31c226198acf2017c343a4ca2707ac564091f5268570ca14511cf21b3a636ac0

  • SHA512

    373ddff274feb643586a34dc2011cd79e645b80ec96049c3ea5132c1353170df11a264c522e06dda14b846e45de98cff4a41e99d32dcb2e6d521083124b9bdf0

  • SSDEEP

    1536:TxeUrLLLLLiLLLLL8CDYKQ/SydUvrrX3d0L4UAlF9jHMcJ1zWCOM:Tlt1Sy+rBO4U2FGc/WCOM

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Bill83479134213.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2192

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3f3a137f66ec0f4188486bcc5a6b676b

    SHA1

    b8faf275ad57e1d7f3c6127f6afb640c94db0a13

    SHA256

    b20f8f15d5f082cefbc1e3835caff182a95ac7f338fa37f4ae12f95c5f9a0218

    SHA512

    6228bf0d7e95b6c9f2f5467279218624e02cbd5c2070944d1d66a5f84e143d4b6b7cc089d099a18c434db5f2f4fc5324c3ade5c5749a571adc1886c6d9a11bb2