Analysis
- max time kernel: 118s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 11-06-2024 18:53
Behavioral task
behavioral1
Sample
Non_Standard_Publication_Global_060624_de-CH.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Non_Standard_Publication_Global_060624_de-CH.pdf
Resource
win10v2004-20240426-en
General
-
Target
Non_Standard_Publication_Global_060624_de-CH.pdf
-
Size
395KB
-
MD5
acf4f506fde40466e0e06f47c008a1ff
-
SHA1
2b3794b465126c6dbad9fa8847b8d4e207db2251
-
SHA256
94386dcf109b9179c42708b639ec3995fbb80cd2ad69818bb418029f30165799
-
SHA512
6fbf3885dad44eab74d7a3cb4128f38408b3a81d43a55ecd5eff4492058eaab68ef1086c09ff5629e3502e210e2bb7feacf80df17d6f759402177fb44e1cdfa7
-
SSDEEP
6144:F+x688UOBv8gHdZL+x688Ddq+RCaoS+mw9HobsrmZ8qBLNU209STJzuwD5TeC2F8:6OBv5HmM+mOHFmZjxU2XuwhVqOP
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam, 1 IoCs
  - pid 1772, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx, 3 IoCs
  - pid 1772, process AcroRd32.exe
  - pid 1772, process AcroRd32.exe
  - pid 1772, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Non_Standard_Publication_Global_060624_de-CH.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1772
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
-
MD5
4934533845b8d8ceda2b7b82666418d8
-
SHA1
1f8e4bcfb32672af812a219745119321f9d7e128
-
SHA256
c4030b757feaec2014f5ae661171f9190113c4bb42146e1f49aa282c273e9c07
-
SHA512
d44fb3a1424f9cc4876a0afcb43963dae614f0582e3e9fef46eee9ba8aa189e896d71f766aaee5f95ddc3ab66d0f7a737f8b230ad4778de858939b4bc9cf4308