Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 01:23

General

  • Target

    535e36522767716f46bd9281dba8d880_NeikiAnalytics.pdf

  • Size

    78KB

  • MD5

    535e36522767716f46bd9281dba8d880

  • SHA1

    79e21a6446b278db75c3cbee6b0dbe4ebe5a1337

  • SHA256

    a1a530d8b5735dcc04119d4532929358b3eba97fc308364ee69ab61bfc81130a

  • SHA512

    b83ae15c710f477d296ef7de9c5e7ecf689eb63bb6c346819407b4e9f8e3ff5ae2cff21fd8372c0acc8ce3e35199b2f733dfbe008a112338dfb95c4d353f9504

  • SSDEEP

    1536:pAreG/FlEj0jkTZ6D8VjvNY51uAo7RaMcL0vTlK57WJxVDWMl:Kj/F+0jkTwCjvNY5oxbcQvTlK57WJxVN

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\535e36522767716f46bd9281dba8d880_NeikiAnalytics.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1620

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6e811608ed38431ea019cd1960a345f6

    SHA1

    78e0f87a49718d9a0ecfad982d4b472a16189c9d

    SHA256

    4c630a1421c5daf3f9b09159ff831531e19941584ff7de0713a7ac5a3ab52e81

    SHA512

    9a7ab351545f00322e08bdc5c7938b0dc3d9a6079a7e22964941c5a6023f56baaa04c5254120a3933876505e8de09fdd8da2c178b3a84f622c10b3e433bbf7d1