Resubmissions

12-06-2024 17:05

240612-vmcamasdqh 6

12-06-2024 16:56

240612-vft7vsscma 7

12-06-2024 16:50

240612-vcjxqasbna 6

12-06-2024 16:40

240612-t6wb6swank 6

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-06-2024 16:40

General

  • Target

    sketchyorignorant-main/jar file ___usr_lib_firefox_omni.ja!_chrome_toolkit_res_messaging-system_targeting_Targeting.sys.5mjs.pdf

  • Size

    17KB

  • MD5

    76599b85d086d88d1106ab57922878c5

  • SHA1

    7adb2b535093b1dd6de338b5d903a36a0822e919

  • SHA256

    3e88591b253b5d94fb0e19aedcbcdbb10ef5d22ea172b939ba03f056ffaac9b0

  • SHA512

    b00033f5418ab59690a65814567581c37cea9ab42b096168733e2810c5e3f8d49c47f2c67b8f98ffa8ba3703995230483c5601553b2d9f259a77023296d228e5

  • SSDEEP

    384:2hWPHN+UAgyixde8tN4roDvk0/g8blo+2gHnG:gQkUmmfN4roDvkBgl72kG

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\sketchyorignorant-main\jar file ___usr_lib_firefox_omni.ja!_chrome_toolkit_res_messaging-system_targeting_Targeting.sys.5mjs.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2076

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    d8209b5a21e03a070ced003be5e38f8c

    SHA1

    0cb13b05f8b545bcce24224c69a7e2c70301feed

    SHA256

    da77fc91171a86e4286ec092b90f800bbe23ecb3ad75ebd74ade6c30b962cf42

    SHA512

    a64b3073ac7af6f8b35ce5c1cdcf2822c9ccfa4fc1a781ec83677d35d4a1e4a73b46218003dfd2f66a2447fcc91c35557dd77dc4d96de98c06ced08b5b7538bf