Analysis

  • max time kernel
    122s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-06-2024 06:13

General

  • Target

    materials/5-go-m5-branching-slides.pdf

  • Size

    347KB

  • MD5

    b09e60847ae2138b3ca7abbf8afcda1c

  • SHA1

    a065020fd35c991c256f3a97bd727246eebd0009

  • SHA256

    682630268587633d57cc6ef86731c8dc43b34c1e65f2f6ac8c14b34b88a52b05

  • SHA512

    298d67282fe37c94b52a3c1f391429070c287af7dfa4bf8419236221b99167df6be185e3d7559503cb88307baad66b2eb293f27bc8862ad2d67e55236d973529

  • SSDEEP

    6144:v4kklhBgPwG1k635v+WMJyNu2mMTOPo2DSt5hEHZEkhMEe53AFY5M72R:AkM+PwGy635WymAOwgStMHZEkhM22R

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\materials\5-go-m5-branching-slides.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3064

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    486e34afe5c9cf0024f44a2538697bae

    SHA1

    c657d2ae90d6f8c890d6206a4c11d41ae28d2d41

    SHA256

    0563162b9e9f89f1e9cc7dc7bf558385036f45c27076492572a22f61a3d16262

    SHA512

    fbab83a97ed0292566e60fcf89ba55ac47de432cfd0e866ebf40d384f92a016f959eb96f97ccf1a228aa5561d2b9dd96459413a0287ac842c939cda8b7e36146