Overview

overview

5

Static

static

5

UA12115062.pdf

windows7-x64

1

UA12115062.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2024 13:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UA12115062.pdf

  • Size

    90KB

  • MD5

    cfe2e3ed68e7727cc43a3c5626b02b23

  • SHA1

    35f47cce4c2dd8ca2025d590e20c3aef2d68bc8c

  • SHA256

    00dce3008ceeb137ec3a1a75582d93418d15a960d822d5395cb0eef659b24495

  • SHA512

    4d79665e87ca9896616135feb00530af83df1565be661f792d976866bba07c878ef2ed361082ee24f7f489fd110e45873f63388d3763cb7066cd2c9ff1e4f045

  • SSDEEP

    1536:4IN2cPFGFecGEEzcAPPooYpaoNH3lrdYL:7mEz1PwUoNXML

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\UA12115062.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\Security\addressbook.acrodata
    Filesize

    5KB

    MD5

    4618312ec50b52c81043bb6ff393cfc3

    SHA1

    80537497d939529b34de993b14d96510068bf075

    SHA256

    e8e27396e2a043abd283eed4fd5b8fa256cc22e741defd522158fc9e29205839

    SHA512

    fc589a974f35ee83c297784c7d7cc62826854422ceec2d5ff46aa6575f5b2bade27d26c1dfc0686602c81e5c14f75f7abd23e6c19fd90a2dbe70e0f5c09251e9

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    ce5689adb0f3cf190dd03ecde5d04a29

    SHA1

    da4269a7fcdf149e600ebe07db5b1a7d7704dd18

    SHA256

    f810038a1665961ab0f102726074319a1bdc4100ef8bf6dfe080659c5ef9c957

    SHA512

    821817545e136364e32ca7c13331a3a76a7c3b6156cc34eca5aea0eb569ff744bdace25c4161a64aa1731430b42507d56e080c5c80d99c79c1e32ee53c9636d2

    Download Submit
  • memory/2540-0-0x0000000003310000-0x0000000003386000-memory.dmp
    Filesize

    472KB

    Download