Analysis

  • max time kernel
    197s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 02:22

General

  • Target

    CamScanner 12-06-2024 16.18.pdf

  • Size

    778KB

  • MD5

    e2df9cccc9cd35ba687a2d922b58e989

  • SHA1

    6b2d3cbde1f390bade6a6933f44feb1c2b13fd5c

  • SHA256

    4f9b23cd20c15812c0b40b574b1dcb5aaf655d88188f146b8c45ff228c2183fa

  • SHA512

    af7c57a1bb9eb2561ce0638e351564ca24d1e4e1aacbce8e6690dd6a70e3a0229a9f02c21f587e83e339811505ed7ef766603871583b81047324367903171fb5

  • SSDEEP

    24576:QyScCu2HMlAXlgkInGNGjS6pL8zipAHyeByObLR:192HMSgsGWzigyZOnR

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\CamScanner 12-06-2024 16.18.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1832

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    95c98aa0c56d1d8e03faac7feed2edfb

    SHA1

    9d66907859e5921cd4029d24c6d05150248571ff

    SHA256

    4d9e90829743637c9c8fee65a135e9dd83cce2e2b78f959f99a582e39a729028

    SHA512

    fa2aeeaef41c2175daad79ad23d7559c063fa94b745009d72bd818ecd7561859a8162e456fc840a3e13dcdc877fa3cd80ffcc2d40d9081aff2a341fb78132e86