Resubmissions

11-06-2024 14:39

240611-r1nzss1ajb 1

11-06-2024 14:34

240611-rxxgrszgqg 5

Analysis

  • max time kernel
    31s
  • max time network
    29s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-06-2024 14:39

General

  • Target

    Neue Dropbox-Datei.pdf

  • Size

    52KB

  • MD5

    f120aed756506ebaa1f43797db6e68cc

  • SHA1

    cd5e81a73a0939f1f111ee15d38bfef65cee4310

  • SHA256

    e27cc298b322cb8d2de5d264dbda495be6b6b43d5083b38963302c31aefbd2b3

  • SHA512

    b1fba08428f9be64e8bd544220c8d56fa34f0abfb22f071307c4cf23cb442b612bf8ea4e0eaf6e330e3e4f54c1a8dfb17257850ec9ae63d0a56783c2d82b3718

  • SSDEEP

    768:s351cqeHPSxkWC0pY+P5TzFmkKnXkxLmT/9O1V4RPUnW9WTTvdzTnLGG:u1cbqbppP5NF+ViV4xUJLZTnLGG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 24 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Neue Dropbox-Datei.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://mcgoldrickelectrlc.com/?oebhlcmi
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2096
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2096 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2688

Network

MITRE ATT&CK Matrix ATT&CK v13

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    d300003d02226df0dede1d9b7f1cfef5

    SHA1

    e38a2215fae5dda9cafd6b06dce3f607ee540c50

    SHA256

    0a892218d5d53d4973f4b130b26f1a485950ebbc6561dd628d0972c25c44005e

    SHA512

    08e4c96ff20b97f35456a13c904ca4dffb412b90b67791427c649fb5a41cb2826f60ecf84fff7c630301d4c81b4c7d5f4020e6b13ed2e1d91bc7c9eabdc270c4