Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    11/06/2024, 14:51

General

  • Target

    Istvan.pdf

  • Size

    528KB

  • MD5

    fc7099118f5ca94f8e0a8e4b5ca3199d

  • SHA1

    c266e6ff70a914d34983a233885b5adee0359874

  • SHA256

    e165cd99827ed8e33c119199676b282c583ab526e6000f60a0b4351a2bb32341

  • SHA512

    c2af9af3881c21ba297bb4f0cc6ec1dc8fb11c95f799750da2bf5776e11479ece196f23f95b8bc4df95ec0e98c0a16885d42cc2bf3a94249a3b5ab1acf766f19

  • SSDEEP

    6144:hEQaGZA6ntUZMj4f/9TZIyEta7GVlu4b849MhhCj8q+x3aOv6bK/ZNTh4E/T648N:iQX9tUZMMfvEQ49MXCjNw/7d0gTre

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Istvan.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1904

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          3b1c36d1c69cf54b58463abdf037cbf8

          SHA1

          0c12af186def72c54cf86878e399830d481f02e6

          SHA256

          0bd4389ef87b13b036c86065f5aad0bf2fb107b955a06278c88e51283b7cb562

          SHA512

          cd9ce42676a5ffa6acbb6843289574eb06dbaba3a339c7f8f0f41fcfddde08ed90afb2ee66b826f70498fb3986869312b16c157436a0c4c3953356a7174453c6