Analysis
max time kernel
150s
max time network
126s
platform
windows7_x64
resource
win7-20240611-en
resource tags
arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted
13-06-2024 13:12
Behavioral task
behavioral1
Sample
UA12115062.pdf
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
UA12115062.pdf
Resource
win10v2004-20240611-en
General
Target
UA12115062.pdf
Size
90KB
MD5
cfe2e3ed68e7727cc43a3c5626b02b23
SHA1
35f47cce4c2dd8ca2025d590e20c3aef2d68bc8c
SHA256
00dce3008ceeb137ec3a1a75582d93418d15a960d822d5395cb0eef659b24495
SHA512
4d79665e87ca9896616135feb00530af83df1565be661f792d976866bba07c878ef2ed361082ee24f7f489fd110e45873f63388d3763cb7066cd2c9ff1e4f045
SSDEEP
1536:4IN2cPFGFecGEEzcAPPooYpaoNH3lrdYL:7mEz1PwUoNXML
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam
1 IoCs
Processes:
AcroRd32.exe
pid process
2540 AcroRd32.exe
Suspicious use of SetWindowsHookEx
3 IoCs
Processes:
AcroRd32.exe
pid process
2540 AcroRd32.exe
2540 AcroRd32.exe
2540 AcroRd32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\Security\addressbook.acrodata
Filesize
5KB
MD5
4618312ec50b52c81043bb6ff393cfc3
SHA1
80537497d939529b34de993b14d96510068bf075
SHA256
e8e27396e2a043abd283eed4fd5b8fa256cc22e741defd522158fc9e29205839
SHA512
fc589a974f35ee83c297784c7d7cc62826854422ceec2d5ff46aa6575f5b2bade27d26c1dfc0686602c81e5c14f75f7abd23e6c19fd90a2dbe70e0f5c09251e9
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
ce5689adb0f3cf190dd03ecde5d04a29
SHA1
da4269a7fcdf149e600ebe07db5b1a7d7704dd18
SHA256
f810038a1665961ab0f102726074319a1bdc4100ef8bf6dfe080659c5ef9c957
SHA512
821817545e136364e32ca7c13331a3a76a7c3b6156cc34eca5aea0eb569ff744bdace25c4161a64aa1731430b42507d56e080c5c80d99c79c1e32ee53c9636d2
memory/2540-0-0x0000000003310000-0x0000000003386000-memory.dmp
Filesize
472KB